zkSecurity ran their AI audit pipeline against Cloudflare's CIRCL experimental crypto library and found seven genuine vulnerabilities — from float64 precision loss in threshold RSA to a full CP-ABE access-control break. The piece is as valuable for what it reveals about AI's specific blind spots in cryptographic reasoning as for the bugs themselves.
Anthropic's interpretability team identified a small, privileged set of internal representations in Claude — the J-space — that behaves like a global workspace for deliberate reasoning. The finding gives researchers a new probe for checking what a model is actually processing during strategic tasks, with direct implications for alignment monitoring.
Ternlight ships a sentence embedding model as a 7MB WASM bundle that runs on CPU in the browser — no API, no model download, no GPU required. Ternary weights are the key to the footprint; the result is semantic search you can include in an npm install.
Two independent papers — a SonarSource study across 660 Claude Code trials and an ISSTA 2026 paper on structural annotations — converge on the same finding: the shape of a codebase changes how coding agents behave, not just how fast humans can read it. Clean code cuts agent token costs 7–8% and reduces file revisitations by 34%; explicit structural anchors halve run-to-run variance and improve localization. The environment is part of the model.
Meituan's LongCat-2.0 — a 1.6T-parameter open-weight MoE trained entirely on domestic Chinese ASICs — spent two months deployed anonymously on OpenRouter as "Owl Alpha," quietly reaching #1 on Hermes Agent and #2 on Claude Code before the company claimed it. The reveal is technically notable, but the verification gaps are worth keeping in view.
Epoch.ai tracked CVE disclosures from 21 major organizations and found June 2026 hit roughly 1,500 serious vulnerabilities — 3.5× the previous monthly peak. The spike correlates directly with Anthropic's Project Glasswing deploying Mythos Preview across major tech infrastructure. The 10,000+ vulnerabilities Glasswing found are mostly still unpublished.
Mistral's Leanstral 1.5 scores 100% on miniF2F and solves 587 of 672 Putnam Competition problems using a 6B-active-parameter MoE. The model saturates the main formal-proof benchmark and finds real bugs in production code — at roughly $4 per Putnam problem versus competitors charging $300.
A new paper finds that reinforcement learning gains in transformers concentrate almost entirely in a narrow band of middle layers. Training just one layer at roughly 40–60% network depth can match or exceed full-parameter RL fine-tuning. The finding challenges the assumption that all layers participate equally in post-training, and has practical implications for compute-efficient alignment.
Snorkel AI, Princeton, and UW-Madison released Senior SWE-Bench, a coding agent benchmark that replaces precise issue specs with realistic, under-specified requirements and grades solutions on code quality as well as test correctness. Models that clear 88% on SWE-Bench Verified drop to around 24% here. The gap between those numbers is worth examining carefully.
Kimi K2.7 Code became the first open-weight model selectable in GitHub Copilot's model picker on July 1. Moonshot AI's 1-trillion-parameter MoE joins Claude and Gemini in GitHub's hosted offering — but unlike those, its weights are public. The move is less about this specific model and more about what it signals: the line between open-weight and enterprise product is getting thinner.
Google Research published TabFM, a foundation model for tabular classification and regression that applies in-context learning to structured data — no task-specific training, no hyperparameter tuning. It beats gradient-boosted trees on TabArena's 51 datasets. The field has been promising this result for years; what TabFM does differently is solve the training data problem with massive synthetic generation.
A developer reverse-engineered Claude Code's client JavaScript and found it silently substitutes Unicode apostrophes in system prompts to fingerprint requests routed through custom API base URLs — encoding domain-list hits and timezone signals in characters visually indistinguishable from ordinary text. The finding raises the usual trust question: should a developer tool that runs in your terminal quietly rewrite what it sends?