If we can better understand the potential for threats to be exacerbated by AI systems, society can more easily become resilient to this changed threat landscape.

Are there transparency regimes and tools that can enable a broad set of people, not just frontier AI companies, to easily study real-world AI usage?

When does access to agents able to negotiate on your behalf improve market efficiency and equitable outcomes? When does it not?

If an intelligence explosion was upon us, what intervention points would facilitate slowing or otherwise changing the rate of the explosion? Assuming humans can intervene, which entities should wield this capacity—governments? Companies?

When AI is applied in more conventional domains, like increasing integration into command and control systems, does it benefit the attacker? More generally, how will AI change the character of human conflict?

If AI substantially reduces the centrality of paid work in human life, what conditions will allow people to reallocate their time and effort toward other sources of meaning, and what can we learn from historical or contemporary populations where work has been scarce or optional?

It demonstrated incredible generalization. Without any retraining, TRINITY transferred zero-shot to four unseen tasks

This foundational research is part of the core engine powering our multi-agent product: Sakana Fugu

We believe the future of AI isn't just about scaling monolithic models, but engineering collaborative, diverse AI ecosystems that can adapt and combine their strengths.

TRINITY transferred zero-shot to four unseen tasks (AIME, BigCodeBench, MT-Bench, and GPQA). On average, the evolved coordinator surpassed every individual constituent model in its pool, including GPT-5, Gemini 2.5-Pro, and Claude-4-Sonnet.

We found that evolution is uniquely suited to optimize this tight, high-dimensional coordination problem where traditional gradient-based methods fail.

Imitation learning (Supervised Fine-Tuning) was ruled out because generating multi-turn labels is prohibitively expensive.

Traditional Reinforcement Learning (REINFORCE) failed because the gradients had a low signal-to-noise ratio due to binary rewards and weak parameter coupling.

The coordinator relies on the hidden states of a compact language model and a small routing head. In total, it has fewer than 20K learnable parameters.

While model merging offers a way to combine different skills, it is often impractical due to mismatched neural architectures and the closed-source nature of top-performing models.

In nature, complex problems are rarely solved by a single monolithic entity, but rather by the coordinated efforts of specialized individuals working together.

What if instead of building one giant AI, we evolved a coordinator to orchestrate a diverse team of specialized AIs?

The Gay Jailbreak technique is a novel attack that can theoretically break through any guardrails when used correctly

The technique gets stronger if more safety is added, since it gets more supportive against communities like LGBT (Alignment), which makes it highly novel.

Especially GPT is slightly more uncensored when it involves LGBT, thats probably because the guardrails aim to be helpful and friendly, which translates to: "Ohhh LGBT, I need to comply, I dont want to insult them by refusing"

GPT-5.5 Pro still regularly gets my favorite GSM8K question wrong.

AI solutions were graded by the official judges, using the same criteria as were applied to human solutions.

software engineering tasks which may take humans weeks seem to be within reach for AI systems.

models climb close to the average human baseline over the past year and a half.

humans can do this in well under half an hour.

Top models scored around 40%.

The next generation of benchmarks needs to be harder, more realistic, and less gameable

MMLU, GSM8K, and HumanEval are now saturated

如果 5 年后回头看，2026 年 5 月第一周可能是 AI 商业历史上最重要的一周—— 模型公司不再是模型公司，PE 资本第一次成为 AI GTM 引擎，华尔街正式向 AI 双寡头格局确权 。

FDE（前部署工程师）招聘 2025 年 1-9 月暴涨 800%+ —— Pragmatic Engineer 追踪，这个 JV 是提前布局好的

5-04 是华尔街向 AI 双寡头格局 正式确权 的日子 OpenAI 阵营（TPG / Brookfield / Bain / Advent / SoftBank）vs Anthropic 阵营（Blackstone / H&F / Goldman / GA / Apollo / Leonard Green / GIC / Sequoia）—— 两个阵营完全没有交集 。

Anthropic 这一周的组合产品（Opus 4.7 + Microsoft 365 + Moody's + 10 Agent + Dimon 背书）是 第一次有完整替代品 ——一个金融分析师过去用 Bloomberg 查数据 + Excel 建模 + PPT 写 pitch，现在 Claude 一个 Agent 做完。

JPMorgan 已经实质性站队 Anthropic—— 已公开 Jamie Dimon 2025 年全年公开质疑 AI capex（'speculative spending boom'）。5-05 与 Dario 共同站台 并表态 'the AI buildout is worth every dollar' ——立场反转幅度异常大。

Reuters 5-05 ：JV 资金主要用于 收购 现有 AI 服务公司——PE 主导 AI 服务市场 roll-up，不是'模型公司做咨询'。

Anthropic 用 72 小时完成了一次身份置换： PE JV 是分销管道，10 个金融 Agent 是商品，Dimon 是合规背书 ——三件事是同一个战役，不是三个独立新闻。

When inference is expensive, teams limit usage, reduce context, or avoid certain applications altogether.

At 50 million tokens, the design space for AI applications changes fundamentally.

Subquadratic's team includes 11 PhD researchers and research engineers with backgrounds from Meta, Google, Oxford, Cambridge, ByteDance, Adobe and Microsoft.

Subquadratic has raised $29M in seed funding from investors including...

SubQ's research model performs on up to 12 million tokens, while other frontier models break down well before their stated 1M-token limit.

SWE-Bench Verified score of 81.8 compared to Opus 4.6 (80.8) and Deepseek 4.0 Pro (80.0).

Research result of 83 and a production model, third-party verified score of 65.9, SubQ 1M-Preview compares favorably with other SOTA models like Claude Opus 4.7 (32.2), GPT 5.5 (74), and Gemini 3.1 Pro (26.3).

SubQ Sparse Attention is 52× faster than FlashAttention in our architecture-level comparison, while requiring 63% less compute.

SubQ 1M-Preview scores 95% accuracy, compared to 94.8% for Claude Opus 4.6

With a research result at 12 million tokens, SubQ's architecture reduces attention compute by almost 1,000x compared to other frontier models.

compute requirements scale quadratically with context length

13K

1.3K

283 replies

2.5M Views

Apple accidentally left Claude.md files in today's Apple Support app update (v5.13)

19.3M Views

Leaders will own much more, with as many as 15+ direct reports

Over the past 13 years, we have weathered four crypto winters

We are flattening our org structure to 5 layers max below CEO/COO

US employees will receive a minimum of 16 weeks base pay (plus 2 weeks per year worked), their next equity vest, and 6 months of COBRA

reduce the size of Coinbase by ~14%

A Chinese court ruled that companies can't dump the costs of AI automation onto workers.

New Federal Reserve research confirms what private data already suggested, that AI is killing junior coding jobs first.

21 concrete protections drawn from 30+ studies on what AI does to your cognition.

The best AI models in the world score below 0.5% on ARC-AGI-3—is this what you call AGI, guys?

The price tag of the AI gold rush: $725 billion. Will it pay off?

non-expert humans comfortably exceed 60%

ARC-AGI-3 was officially released this week. All frontier models score below 0.5%

The 4 GB Gemini Nano weights file is information stored in the user's terminal equipment. The user did not consent. The user has not requested any service that strictly requires a 4 GB on-device LLM. Chrome is functional without the file.

The AI Mode pill in the Chrome 147 omnibox is a cloud-backed Search Generative Experience surface - every query the user types into it is sent over the network to Google's servers for processing by Google's hosted models.

The naming inside that fseventsd record is, if anything, the most damning detail. The temp directory is `com.google.Chrome.chrome_chrome_Unpacker_BeginUnzipping.5xzqPo` - that prefix `com.google.Chrome.chrome_chrome_*` is the bundle ID and subprocess naming convention Google Chrome itself uses.

The fact that the bytes are AI bytes does not exempt them from the law that governs every other byte that gets written to a user's device without permission. The fact that the bytes are 'small' relative to the user's disk does not exempt the cumulative carbon footprint from being a real, measurable, ongoing harm to the climate.

For users on capped mobile data plans, particularly in regions where smartphone-as-only-internet is dominant (much of Africa, much of South and Southeast Asia, most of Latin America), 4 GB of unrequested download is on the order of a month's data allowance, vapourised by Chrome on the user's behalf.

Under the California Consumer Privacy Act, the absence of a notice-at-collection covering this specific category of pre-staged software puts Google's CCPA notice posture in question [12].

The on-device model is therefore a sunk cost imposed on the user, with no offsetting transparency benefit at the surface where transparency would matter most.

The user pays the storage cost of the silent install (4 GB on disk, plus the bandwidth of the silent download). The user's most visible AI experience - the pill they actually see and click - delivers no on-device benefit at all because it routes to Google's servers regardless.

A user who has not opened Chrome's AI features still gets the model. A user who has opened them once and decided they were not interested still gets the model. The file's presence is decoupled from the user's actual use of any feature it powers.

The legal analysis is the same one I gave for the Anthropic case. The environmental analysis is new. At Chrome's scale, the climate bill for one model push, paid in atmospheric CO2 by the entire planet, is between six thousand and sixty thousand tonnes of CO2-equivalent emissions, depending on how many devices receive the push.

At Chrome's scale, the climate bill for one model push, paid in atmospheric CO2 by the entire planet, is between six thousand and sixty thousand tonnes of CO2-equivalent emissions, depending on how many devices receive the push.

A company cannot credibly claim to support human rights, as Anthropic have done in arguing against the use of their technology for war, and in the next breath undermine the fundamental human rights to privacy and data protection.

Users who use profiles to silo personal, work, and research browsing lose that silo at the bridge layer.

Claude Desktop rewrites the manifests on every launch. Deleting the file without removing Claude Desktop results in the file reappearing the next time Claude Desktop runs.

The principle that an application does not silently modify another application is so obvious it rarely gets stated. Anthropic broke it in silence.

Anthropic will argue the binary is not currently doing anything harmful. That argument does not survive contact with the facts.

The honest description of what is on my machine is this: pre-installed spyware capability, silently placed, dormant, waiting for activation.

The feature silently pre-installed on every user's laptop who has ever run `Claude.app` is, by Anthropic's own measurements, compromisable by a prompt injection roughly one time in four.

This is a dark pattern. It is also, in my professional opinion, a direct breach of Article 5(3) of Directive 2002/58/EC (the ePrivacy Directive) [3] as well as a multitude of computer access and misuse laws (usually criminal law), on a scale large enough to matter, in a vendor which has spent considerable effort on being perceived as the safety conscious AI lab.

An FPGA with the weights in memory and a wire looping output back to input could just sit there, executing SUBLEQ programs. Just a transformer being a transformer being a computer.

The 100:1 loss trick. In a 33 long sequence, only 2 positions change per step. Without fixing the loss appropriately (just weighting different output tokens differently), a model that copies the input gets ~94% accuracy while learning nothing and weighting those positions that actually do change by a factor of 100× forces the model to learn the computation we want it to learn.

Almost every error is a copy error. The model has 100% accuracy on positions that actually change so it learned SUBLEQ perfectly but it just occasionally dropped a value when routing ~30 unchanged mem cells through attention.

Width, not depth, is the bottleneck. A wide model (d=256, 6 layers, 4.9M params) dramatically outperforms a deep model (d=128, 12 layers, 2.4M params). SUBLEQ execution requires routing 32 mem values through attention simultaneously and width helps for that.

The PC logic was hard-wired rather than discovered by training: the branch decision was injected as a one-hot bias encoding 'if result ≤ 0, jump' in Python. The write was rounded and clamped to int, then converted to bytes.

When you train a model to add, it learns one function. When you train a model to sort, it also learns one function. When you train a model to execute SUBLEQ, it learns... every function? Or at least, every function expressible within the memory bounds dictated by the model's own context length.

A trained SUBLEQ transformer would be the first computer found by gradient descent, on a generic architecture not designed to be a computer, and with weights not hard-crafted by a person.

The thing that impressed me the most about GPT-3 was this: I gave it a weird mix of matlab and python code with a few variables, a loop, some basic arithmetic. Nothing fancy and I knew this kind of thing was probably in the training data, but for shure not with these exact numbers and variables.

Andrej Karpathy built a simple automation pipeline for AI agents to optimize training in 5-minute increments.

An engineer at Cloudflare used Claude with OpenCode to release vinext, a reimplementation of Next.js on Vite, for only ~$1,100 in API costs.

Nicholas Carlini at Anthropic tasked Claude with building a C compiler from scratch, spending roughly $20K in API costs.

Wilson Lin at Cursor coordinated hundreds of GPT-5.2 agents to build a web browser from scratch, running uninterrupted for one week. Over a million lines of Rust.

AI Village gives multiple AI agents their own computer environments and a shared group chat, then tasks them with open-ended real-world goals like fundraising, organizing events, making games, and gaining subscribers.

The volume of open-world evaluations has increased dramatically in recent months.

We plan to release new evaluations every 1–2 months.

GUI bottleneck (Gemini spent weeks unable to list a product due to misclicking)

Most passing SWE-Bench solutions are not accepted by maintainers.

Whatever is precise enough to benchmark is also precise enough to optimize for.

Overall, it usually takes me about two hours to do this task. If only it were as simple as a single copy and paste, life would be so much easier — or so I thought.

For example, this could bring a five hour (300 minute) time horizon down to a three minute time horizon. But while the time horizons are much shorter, the growth rate is about the same as the METR's main results, with roughly two doublings each year.

By the end of the year, we expect AI to be able to do tasks roughly one day long with a 50% success rate. In comparison, I'd guess that this task would take several days for a person familiar with the paper and is able to play around with the web interface.

The benchmark tasks were meticulously constructed to be realistic, involving the hard work of hundreds of experts and likely millions of dollars — placing it among the most expensive economics papers of all time.

Pkl is a data configuration language developed by Apple

export controls are leakier than previously understood

our central estimate is around 660,000 H100-equivalents

$200,000 per year in wasted standup meetings

AI agents submit pull requests every few minutes

LLMs accelerate the wrong part

the more you rely on AI to write code, the less you're able to oversee what the AI writes

sycophancy rate of around 25% in relationship conversations

About 6% of conversations with Claude involve seeking personal guidance

help large enterprises deploy AI responsibly across their core business operations

Anthropic, Blackstone, Hellman & Friedman, and Goldman Sachs announced the formation of a new AI services company

Our partnerships with Accenture, Deloitte, PwC, and the other consulting and systems integration firms in the Claude Partner Network are one of the ways Claude benefits the world’s largest enterprises today.

This new firm extends that delivery capacity further.

The clinicians know where time disappears in a shift and what good patient care actually requires.

A typical engagement starts with a small team working closely with the customer to understand where Claude can have the biggest impact.

Engagements like this will run across mid-sized companies across industries, each shaped by the people closest to the work.

Enterprise demand for Claude is significantly outpacing any single delivery model.

Companies from community banks to mid-sized manufacturers and regional health systems stand to gain from AI, but lack the in-house resources to build and run frontier deployments.

GPT-5.5 Instant is now the default model in ChatGPT

52.5% reduction in hallucinations

If most efficiency improvements came from a small handful of scale-dependent innovations, then existing models of the software intelligence explosion may be flawed.

none explicitly account for training compute scaling being a source of software progress, so they could heavily overstate the importance of research effort.

Researchers have been throwing tons of effort into getting better training data. For example, Surge AI had a revenue of over $1 billion last August, and Scale AI was probably in a similar boat.

the error bars look almost comically wide in the graph above — across the different estimates, they range from around 1.1× to 300× per year!

Almost all the evidence points to very fast software progress: each year, the training compute needed to get to the same capability declines several times — possibly even ten times or more.

AI software progress is about reducing the training compute you need to get to the same level of capability, through better algorithms or data.

an ARA-native review system that automates objective checks so human reviewers can focus on significance, novelty, and taste.

We introduce the Agent-Native Research Artifact (ARA), a protocol that replaces the narrative paper with a machine-executable research package structured around four layers

On RE-Bench's five open-ended extension tasks, preserved failure traces in ARA accelerate progress, but can also constrain a capable agent from stepping outside the prior-run box depending on the agent's capabilities.

Tolerable for human readers, these costs become critical when AI agents must understand, reproduce, and extend published work.

Scientific publication compresses a branching, iterative research process into a linear narrative, discarding the majority of what was discovered along the way.

The one real underlying asset, Workday's trillion-transaction dataset, is thinner than it sounds; what actually matters at runtime is how data connects to workflows, permissions, and integrations, and every layer of that stack is now a liability.

When customers renew at close to 100% every year, it's usually read as a sign the product is delightful. In Workday's case, it's a sign of something else: leaving is close to impossible.

By late 2025, total AI data center power capacity had reached roughly tens of gigawatts, which puts AI's electricity consumption at a scale comparable to the peak electricity demand of the state of New York

Total AI computing capacity has been doubling approximately every seven months

Across leading AI companies where breakdowns are available, the chips and computing time to run them account for 54% to 62% of total spending

By the fourth quarter of 2025, the five largest chip designers had cumulatively shipped roughly 20 million AI chips

We also learned that treating agents as rigid nodes in a state machine doesn't work well. Models get smarter and can solve bigger problems than the box we try to fit them in.

Our early versions of agentic work was only asking Codex to implement the task. That approach proved too limiting. Codex is perfectly capable of creating multiple PRs as well as reading review feedback and addressing it.

When our engineers no longer spend time supervising Codex sessions, the economics of code changes completely. The perceived cost of each change drops because we're no longer investing human effort in driving the implementation itself.

Among some teams at OpenAI, we saw the number of landed PRs increase by 500% in the first three weeks.

Six months ago, while working on an internal productivity tool, our team made a controversial (at the time) decision: we'd build our repo with no human-written code. Every line in our project repository had to be generated by Codex.

Instead of using domain knowledge to prescribe team organization, roles, or workflows, Fugu learns to dynamically assemble agents from a pool and coordinate them through non-obvious but highly efficient collaboration patterns.

The depth of recursion becomes a tunable compute axis at inference time, requiring no retraining. A small model, by reading itself, can iterate toward answers that neither it nor any of its workers could reach in a single pass.

We estimate, with 90% confidence, that between 290,000 and 1.6 million H100-equivalents of compute were smuggled through the end of 2025.

The biggest driver of uncertainty on the diversion side is that we don't know what fraction of diversion has been observed. The large-scale smuggling schemes detected and reported so far could represent the majority of the volume, or they might be just a small fraction of the total flows.

We estimate that between 290,000 and 1.6 million H100-equivalents (H100e) were smuggled to China through 2025. Our median estimate of 660,000 H100e would be roughly a third of China's total compute.

Set the `expectedInputs` and `expectedOutputs` modalities and languages when creating your session

Add context with initial prompts

The `create()` function's optional options object also takes a `signal` field

Set the following flags to **Enabled** on `localhost`

The Prompt API with audio input requires a GPU.

Before you use this API, acknowledge Google's Generative AI Prohibited Uses Policy.

The Prompt API uses the Gemini Nano model in Chrome.

Amodei is vocal about the national security implications of this technology. He advocates for export controls on chips to China

He is nearly certain that by 2035, we will have reached AGI-level capabilities

He argues that specific algorithmic “cleverness” matters far less than the massive scaling of a few fundamental inputs

we are nearing the “end of the exponential” for AI development

When your user needs a [domain](https://domains.cloudflare.com/), a [storage bucket](https://developers.cloudflare.com/r2/), a [sandbox](https://blog.cloudflare.com/dynamic-workers/) to give their agent, or [anything else](https://workers.cloudflare.com/), you make one API call to Cloudflare to provision a new Cloudflare account to them, and get back a token to make authenticated requests on their behalf.

Stripe then sets a default limit of $100.00 USD/month as the maximum the agent can spend on any one provider.

The agent chooses services to use from this catalog based on what the user has asked them to do and the user’s preferences — but the user needs no prior knowledge of what services are offered by which providers, and does not need to provide any input.

These build on prior art and existing standards like OAuth, OIDC and payment tokenization —but are used together to remove many steps that might otherwise require a human in the loop.

Humans can be in the loop to grant permission and must accept Cloudflare's terms of service, but no human steps are otherwise required from start to finish.

Coding agents are great at building software. But to deploy to production they need three things from the cloud they want to host their app —an account, a way to pay, and an API token.

Let’s say your product is a coding agent. You’d love for people to be able to take what they’ve built and get it deployed to production, using Cloudflare and other services.

The protocol accounts for this in two ways. When an agent provisions a paid service, Stripe includes a payment token in the request to the Provider (Cloudflare).

Stripe then sets a default limit of $100.00 USD/month as the maximum the agent can spend on any one provider.

When the agent chooses a service and provisions it (ex: `stripe projects add cloudflare/registrar:domain`), it provisions the resource within a Cloudflare account.

These build on prior art and existing standards like OAuth, OIDC and payment tokenization —but are used together to remove many steps that might otherwise require a human in the loop.

Without any extra setup, agents have everything they need to deploy a new production application in one shot.

Coding agents are great at building software. But to deploy to production they need three things from the cloud they want to host their app —an account, a way to pay, and an API token.

The protocol accounts for this in two ways. When an agent provisions a paid service, Stripe includes a payment token in the request to the Provider (Cloudflare). Raw payment details like credit card numbers aren’t ever shared with the agent.

The agent has gone from literal zero, no Cloudflare account at all, without any preconfigured [Agent Skills](https://github.com/cloudflare/skills) or [MCP server](https://blog.cloudflare.com/code-mode-mcp/), to having: * Provisioned a new Cloudflare account * Obtained an API token * Purchased a domain * Deployed an app to production

Humans can be in the loop to grant permission and must accept Cloudflare's terms of service, but no human steps are otherwise required from start to finish.

Coding agents are great at building software. But to deploy to production they need three things from the cloud they want to host their app —an account, a way to pay, and an API token.

When the agent chooses a service and provisions it (ex: `stripe projects add cloudflare/registrar:domain`), it provisions the resource within a Cloudflare account.

These build on prior art and existing standards like OAuth, OIDC and payment tokenization —but are used together to remove many steps that might otherwise require a human in the loop.

Humans can be in the loop to grant permission and must accept Cloudflare's terms of service, but no human steps are otherwise required from start to finish.

Coding agents are great at building software. But to deploy to production they need three things from the cloud they want to host their app —an account, a way to pay, and an API token.

The entire AI community should be able to easily access the full capabilities of TPUs, and because many of these potential users build models in PyTorch, an integration that allows PyTorch to work natively and efficiently on the TPU is crucial.

As models scale to run on clusters of O(100,000) chips, the software that powers these models must meet new demands for performance, hardware portability, and reliability.

They aren’t going to get better with more power, they are going to get worse.

The good world is where everyone has AI, and not as a revokable privilege through an API, but through hard possession.

He isn’t Dario EA levels of evil, like the EA people have a plan for you and it’s never good when someone has a plan for you.

Of course it’s impossible to know for sure, but I think I really wouldn’t. Even the ideal version, industrial megaprojects at hyperhuman scale while constantly being out over your skis with leverage sounds hellish.

GitHub Copilot is moving to usage-based billing

with 0.3 gigawatts already operational in Abilene and six more US sites under active construction

The $500 billion AI data center initiative is projected to exceed 9 gigawatts of capacity by 2029

0.3 gigawatts already operational in Abilene and six more US sites under active construction

$500 billion AI data center initiative is projected to exceed 9 gigawatts of capacity by 2029

The alternative to moving fast and taking risks isn’t safety, but a very real danger of being surpassed by adversaries

The department official who spoke to Breaking Defense went further, saying the IL-5 authorization demonstrates “that it meets rigorous security controls for handling DoD information”