Daily digest
16 items · ~16 min · Week 2026-W23
Tag warnings (new tags, lenient mode — add to vocabulary): minimax, xai, msa, ipo, direct-corpus-interaction. Dropped from agent-4 draft: openclaw-2026-6-1-beta (unverifiable single source, potential hallucination); qwen3-7-max-release (dated 2026-05-20, outside ±36h window, replaced by qwen3-7-plus from June 2). Added from agents 2/5: qwen3-7-plus, minimax-m3, xai-composer-2-5, grepseek.
Must-read (5)
Anthropic Expands Project Glasswing to ~200 Partners, Grants Mythos Preview Access for Critical Infrastructure
AnthropicAnthropic announced June 2 that Project Glasswing — its restricted cybersecurity AI partnership — is growing from ~50 organizations to ~200, adding 150 new participants across 15+ countries. The expanded cohort gains access to Claude Mythos Preview, Anthropic's advanced model for scanning codebases for vulnerabilities; early partners have already surfaced 10,000+ high- or critical-severity security flaws since April. New sectors being prioritized include energy, water, healthcare, and communications infrastructure.
Anthropic Confidentially Files S-1 IPO Prospectus with SEC at ~$965B Valuation
AnthropicAnthropic confidentially submitted a draft S-1 registration statement to the SEC on June 1, 2026, initiating the IPO review process. The filing follows a $65B Series H that lifted the post-money valuation to ~$965B; the company's revenue run-rate hit approximately $47B in May 2026, up from ~$10B the prior year. An October 2026 public listing is being targeted, with law firm Wilson Sonsini engaged.
Microsoft Build 2026: MAI Model Family Launched to Power GitHub Copilot Without OpenAI Dependency
MicrosoftMicrosoft opened Build 2026 in San Francisco on June 2 by launching the MAI model family: MAI-Code-1 (a coding model targeting GitHub Copilot), MAI-Transcribe-1, MAI-Voice-1, and MAI-Image-2. MAI-Code-1 reportedly matches or exceeds Anthropic Claude 3.7 Sonnet on SWE-bench Verified while running at lower inference cost on Azure — enabling Microsoft to power Copilot without routing through OpenAI APIs for the first time.
Alibaba Launches Qwen3.7-Plus: Multimodal Agent with Vision, Reasoning, and Autonomous Execution
Alibaba / QwenAlibaba's Qwen team released Qwen3.7-Plus on June 2, 2026, adding native image and video understanding to the earlier text-only Qwen3.7-Max. The model combines deep reasoning, self-programming, tool invocation, verification, and autonomous iteration in a single agentic loop, scoring 79 on screen-understanding benchmarks and outperforming GPT-5.4 and Gemini-3.1 Pro on that task. Available via Alibaba Cloud Bailian API at $0.40/$1.60 per million input/output tokens; Alibaba shares rose over 6% on the announcement.
MiniMax Releases M3: Open-Weight Frontier Model with 1M-Token Context and MSA Architecture
MiniMaxMiniMax officially released M3 on June 1, 2026, a frontier-class open-weight model built on the novel MiniMax Sparse Attention (MSA) architecture supporting a 1-million-token context window at one-twentieth the per-token compute of the prior generation. The model natively accepts text, image, and video input, scores 59.0% on SWE-Bench Pro (above GPT-5.5 and Gemini 3.1 Pro), and is available via API; open weights and a technical report are promised on Hugging Face within 10 days.
Worth knowing (9)
Cognition Raises $1B at $26B Valuation as Devin AI Coder Hits $492M ARR
CognitionCognition closed a $1B funding round at a $26B post-money valuation on May 28, 2026, led by Lux Capital, General Catalyst, and 8VC. The company's autonomous coding AI Devin has reached $492M annualized revenue, growing 50% month-over-month for six consecutive months. Enterprise clients include Mercedes-Benz, NASA, Goldman Sachs, and Santander; Cognition reports 90%+ of its own code is now written by Devin.
xAI Launches Composer 2.5 in Grok Build for Agentic Coding
xAIxAI released Composer 2.5 inside Grok Build on June 1, 2026, a fast agentic coding model built on the open-source Moonshot Kimi K2.5 checkpoint and trained with 25 times more synthetic tasks than its predecessor. Available at build.grok.com at $0.50 per million input tokens, it excels at long-running agentic tasks, JSON, tool use, and complex instruction-following.
Crafter: Multi-Agent Harness for Editable Scientific Figure Generation Scores +16pt Over Baselines (103 HF Upvotes)
Tsinghua UniversityCrafter (arXiv 2605.30611) presents a multi-agent system for generating editable scientific figures from diverse inputs (text, masks, sketches, key elements), coordinating five specialized agents around an evolving figure specification. The system uses diversity-driven plan exploration, structured corrective layers, and a verify-then-refine loop, outperforming the best baseline by 16.61 points on PaperBanana-Bench and 22.20 points on CraftBench across 279 samples. The companion CraftEditor converts raster outputs to editable SVGs.
GrepSeek: Training Search Agents for Direct Corpus Interaction via Shell Commands (93 HF Upvotes)
University of Massachusetts AmherstGrepSeek (arXiv 2605.29307) trains LLM-based search agents to interact with text corpora through executable shell commands (grep, file reads, lightweight scripts) rather than pre-built vector indices — a paradigm called Direct Corpus Interaction (DCI). A two-stage pipeline combines cold-start trajectory generation with Group Relative Policy Optimization (GRPO), and a sharded-parallel execution engine provides up to 7.6× speedup. The system achieves top performance on seven open-domain QA benchmarks.
GitHub Copilot Transitions to Token-Based AI Credits Billing on June 1
MicrosoftGitHub Copilot switched from flat-rate subscriptions to usage-based AI Credits billing on June 1, 2026. All plans now include a monthly credit pool (1 AI credit = $0.01), with optional overage budgets; code completions remain free. The change triggered developer backlash as heavy agentic workloads could push individual costs to $750+/month. A new Copilot Max upgrade tier was added for high-volume users.
OpenAI GPT-5.5, GPT-5.4, and Codex Now Generally Available on Amazon Bedrock
OpenAIOpenAI's GPT-5.5, GPT-5.4, and Codex coding agent became generally available on Amazon Bedrock on June 1, 2026. Pricing matches OpenAI's direct rates with no additional fees; usage counts toward AWS commitments. Enterprises gain AWS-native security controls (IAM, VPC, KMS, CloudTrail) and Bedrock's inference durability, with Codex supporting VS Code, JetBrains, and Xcode integrations.
OpenAI Codex: Goal Mode Reaches GA and Appshots Launch for macOS
OpenAIOpenAI's Codex reached general availability for Goal mode — allowing Codex to work toward an objective for hours or days with dedicated storage and progress tracking — across the app, IDE extension, and CLI. Separately, Appshots launched for macOS: pressing both Command keys attaches the frontmost app window (screenshot + text) to the active Codex session without manual copy-paste. Both features are confirmed GA as of late May 2026.
vLLM v0.22.0: DeepSeek V4 Production Hardening, Rust Frontend, 28.9% Latency Drop
vLLM v0.22.0 (released May 29, 2026) includes 459 commits from 230 contributors. Key highlights: DeepSeek V4 production hardening with NVFP4 fused MoE, full CUDA graph, and MTP speculative decoding; a new experimental Rust frontend with data-parallel serving supervisor; 28.9% end-to-end latency improvement via Cutlass FP8 batch-invariant inference; and multi-tier KV cache offloading to disk. AMD ROCm parity and NVIDIA Blackwell (SM12x) optimizations were also merged.
BadHost (CVE-2026-48710): Host-Header Auth Bypass in Starlette Exposes vLLM, LiteLLM, and MCP Servers
CVE-2026-48710 'BadHost' is a critical authentication-bypass vulnerability in Starlette (all versions before 1.0.1) that allows unauthenticated attackers to access restricted endpoints by injecting /, ?, or # characters into the HTTP Host header, shifting path-parsing boundaries. The blast radius covers vLLM, LiteLLM, thousands of MCP server deployments, and FastAPI-based AI agent backends. Fix: upgrade Starlette to >= 1.0.1.
For reference (2)
Claude Code v2.1.160: Security Prompts Before Writing Shell Startup Files and Build-Tool Configs
AnthropicClaude Code v2.1.160 (released June 2, 2026) adds user confirmation prompts before writing to shell startup files (.zshenv, .bash_login, ~/.config/git/) and build-tool config files (.npmrc, .yarnrc, .bazelrc, .devcontainer/) in acceptEdits mode — preventing unintended code execution through startup hook injection. The release also renames the dynamic-workflow trigger from `workflow` to `ultracode`, fixes background session drop, WSL clipboard, and Windows IME rendering issues.
OpenCode v1.15.13: Session Metadata API, Adaptive Reasoning Fix for Anthropic Opus 4.7+
OpenCode v1.15.13 (released May 30, 2026) fixes a bug where Anthropic Gateway's Opus 4.7+ adaptive reasoning returned empty thinking blocks instead of summarized thinking. Sessions can now store custom metadata via the API and SDK for workflow automation. Config loading was also improved to apply directory-specific settings more predictably when traversing up the directory tree.