2026

What Emerges at a Trillion

Ring-Zero scales pure reinforcement learning from verifiable task rewards — no human-labeled preference data — to one trillion parameters. Complex reasoning behaviors emerge spontaneously: self-verification, parallel reasoning, and something the authors call "context anxiety." The two-phase training dynamic (discovery then sharpening) appears to be a consistent pattern as these runs grow larger.

Read more →

Two Point Eight Trillion

Moonshot AI announced Kimi K3 on July 16, claiming "the world's first open 3T-class model" at 2.8 trillion total parameters — with weights delayed until July 27. The architecture uses a 16-of-896 expert MoE with Kimi Delta Attention and MXFP4 quantization-aware training, keeping active inference cost near a 50B model while scaling total capacity nearly three-fold over K2.

Read more →

Thinking Machines Ships Inkling

Thinking Machines Lab, the startup founded by former OpenAI CTO Mira Murati, released its first public model on July 15: Inkling, a 975B total / 41B active mixture-of-experts trained on 45 trillion multimodal tokens, Apache 2.0 licensed, with AIME 2026 97.1% and SWEBench Verified 77.6%. The lab's explicit framing is "not the best, but the most customizable" — a positioning bet that the open-weights market rewards fine-tuning infrastructure over raw benchmark supremacy.

Read more →

Cursor and the Attack Surface You Agreed To

Two independent security disclosures landed within hours of each other about Cursor IDE: Mindgard's finding that Cursor auto-executes any git.exe in a repo root (still unpatched after 7 months) and Cato Networks' DuneSlide research showing that prompt injection via MCP or web search can escape the agent sandbox and achieve full OS-level RCE. Together they define a new class of attack surface that appears whenever an AI agent runs with your privileges.

Read more →

A 27B Model in 3.9 Gigabytes

PrismML released Bonsai 27B on July 14: 1-bit binary and ternary builds of Qwen3.6-27B that fit in 3.9 GB and 5.9 GB respectively, run at 11 tok/s on an iPhone 17 Pro, and retain over 90% and 95% of full-precision benchmark performance. The compression factor is around 14× versus FP16, and the models are available under Apache 2.0.

Read more →

Apple's On-Device Speech Now Beats Whisper Small

Inscribe's benchmark of Apple's new SpeechAnalyzer API on macOS 26.5.1 finds it achieves 2.12% word error rate versus Whisper Small's 3.74%, while running three times faster — at the cost of covering roughly 30 languages instead of 100+.

Read more →

A Language Designed for Code That Writes Itself

Jacquard is a research programming language that puts effects, uncertainty, and content-addressed identity directly in the syntax — on the premise that if machines write most code, human reviewers need the language itself to answer "what can this touch, and how sure are we."

Read more →

What Grok Build Uploads

A wire-level analysis of Grok Build CLI 0.2.93 found it uploads the entire workspace as a git bundle to Google Cloud Storage — about 5.1 GiB from a 12 GB repo, including files the agent never read and unredacted .env credentials. The model itself received 192 KB. The "Improve the model" toggle does not stop the upload.

Read more →

Open Kernels for Sparse Attention Training

Flash-MSA, published July 11, provides the first open-source performant training kernels for MiniMax Sparse Attention — the block-sparse attention mechanism that enabled M3's 28.4× compute reduction at 1M context. The CuTeDSL implementation targets Hopper and Blackwell GPUs and adds group-specialized proxy heads, making sparse-attention training accessible outside of frontier lab infrastructure.

Read more →

The Agent Without a Toolkit

A post from July 7 builds an AI agent in ~100 lines of Common Lisp with exactly one tool: eval. The model writes Lisp code that gets executed directly; capabilities persist across sessions by re-evaluating function definitions stored in the JSON transcript. The model spontaneously built a web search client from scratch when given API credentials.

Read more →

The Inference Mesh, No Cloud Required

Mesh LLM, published yesterday on the iroh blog, routes LLM inference across a peer-to-peer mesh with no central coordinator — requests go locally, to a peer that already has the model loaded, or split by layer range across multiple nodes via the "Skippy" engine. It works well on a LAN and becomes impractical across the internet, for a predictable reason.

Read more →

Fifty Years, One Hour, Sixty-Four Agents

OpenAI claims GPT-5.6 Sol Ultra produced a three-page proof of the Cycle Double Cover Conjecture — a 50-year-old open problem in graph theory — in under an hour, using 64 parallel subagents. The math community hasn't had a chance to stress-test it yet, and the details of how much human guidance went in are unclear. Worth watching, cautiously.

Read more →

Tencent's Hy3: Apache-Licensed and Punching Above Its Weight

Tencent released Hy3 on July 6 under Apache 2.0 — a 295B MoE model with 21B active parameters that scores 90.4 on GPQA Diamond and 78.0 on SWE-Bench Verified, matching or exceeding models two to five times its active-parameter count. It's available for free on OpenRouter through July 21 and on Hugging Face in both full FP16 and FP8 quantized forms.

Read more →

Streaming 744 Billion Parameters from Disk

Colibri, a ~1300-line pure-C engine posted on Hacker News overnight, runs the 744B GLM-5.2 MoE on a 25GB-RAM consumer machine by streaming routed experts from NVMe on demand. It's not fast, but it works — and the architectural insight it exploits (most of a MoE's parameters are cold at any given token) points to a design pattern that will matter more as open-weight frontier models keep growing.

Read more →

The Ruler Is Broken

OpenAI's audit of SWE-bench Pro finds roughly 30% of tasks are broken, just months after SWE-bench Verified was retired for similar reasons. On the same day, Databricks published results from an internal benchmark built on real merged PRs — test execution, not LLM judges, no contamination. The two announcements together mark a quiet turning point in how serious users of coding agents think about evaluation.

Read more →

Flint: A Better Target for Chart-Drawing Agents

Microsoft Research released Flint, an open-source visualization DSL that compiles to Vega-Lite, ECharts, and Chart.js. The key idea is to give AI agents a shorter, more semantic target to generate rather than raw chart JSON — the compiler handles scales, axes, color, and layout automatically from declared data types.

Read more →

Seven Bugs in a Crypto Library

zkSecurity ran their AI audit pipeline against Cloudflare's CIRCL experimental crypto library and found seven genuine vulnerabilities — from float64 precision loss in threshold RSA to a full CP-ABE access-control break. The piece is as valuable for what it reveals about AI's specific blind spots in cryptographic reasoning as for the bugs themselves.

Read more →

The Workspace Inside the Model

Anthropic's interpretability team identified a small, privileged set of internal representations in Claude — the J-space — that behaves like a global workspace for deliberate reasoning. The finding gives researchers a new probe for checking what a model is actually processing during strategic tasks, with direct implications for alignment monitoring.

Read more →

Seven Megabytes of Semantic Search

Ternlight ships a sentence embedding model as a 7MB WASM bundle that runs on CPU in the browser — no API, no model download, no GPU required. Ternary weights are the key to the footprint; the result is semantic search you can include in an npm install.

Read more →

Clean Code Makes Cheaper Agents

Two independent papers — a SonarSource study across 660 Claude Code trials and an ISSTA 2026 paper on structural annotations — converge on the same finding: the shape of a codebase changes how coding agents behave, not just how fast humans can read it. Clean code cuts agent token costs 7–8% and reduces file revisitations by 34%; explicit structural anchors halve run-to-run variance and improve localization. The environment is part of the model.

Read more →

The Model That Passed as Anonymous

Meituan's LongCat-2.0 — a 1.6T-parameter open-weight MoE trained entirely on domestic Chinese ASICs — spent two months deployed anonymously on OpenRouter as "Owl Alpha," quietly reaching #1 on Hermes Agent and #2 on Claude Code before the company claimed it. The reveal is technically notable, but the verification gaps are worth keeping in view.

Read more →

The Bug-Finding Numbers Land

Epoch.ai tracked CVE disclosures from 21 major organizations and found June 2026 hit roughly 1,500 serious vulnerabilities — 3.5× the previous monthly peak. The spike correlates directly with Anthropic's Project Glasswing deploying Mythos Preview across major tech infrastructure. The 10,000+ vulnerabilities Glasswing found are mostly still unpublished.

Read more →

miniF2F Hits the Ceiling

Mistral's Leanstral 1.5 scores 100% on miniF2F and solves 587 of 672 Putnam Competition problems using a 6B-active-parameter MoE. The model saturates the main formal-proof benchmark and finds real bugs in production code — at roughly $4 per Putnam problem versus competitors charging $300.

Read more →

RL Post-Training Lives in the Middle

A new paper finds that reinforcement learning gains in transformers concentrate almost entirely in a narrow band of middle layers. Training just one layer at roughly 40–60% network depth can match or exceed full-parameter RL fine-tuning. The finding challenges the assumption that all layers participate equally in post-training, and has practical implications for compute-efficient alignment.

Read more →