|
|
|
Sam Altman asked GPT-5.5 what it wanted for its own launch party. The model responded with a detailed list: hold it on May 5, keep the speeches short, have its human creators give a toast (it specifically said it did NOT want to give one itself), and set up a feedback station for GPT-5.6 ideas. |
"We're going to do it," Altman said. "But it was a strange thing." Not to be outdone, Stripe CEO John Collison gave his company's internal AI agent $20 to spend freely online. It bought itself an HTTP design template. So yeah, the models are getting opinions. And apparently, taste. |
Here’s what happened in AI today: |
😺 AI is finding software bugs faster than anyone can patch them 📰 China blocked Meta's acquisition of AI agent startup Manus 📰 OpenAI restricted GPT-5.5-Cyber access after mocking Anthropic for the same move 🍪 Gemini can now build your Google Docs, Sheets, and PDFs from a single prompt 🎓 Meta is tracking employee keystrokes across hundreds of apps to train its AI
|
Hey: Want to reach 700,000+ AI-hungry readers? Advertise with us! |
P.S: Love robots? We’re starting a new robotics newsletter! Sign up early here. |
|
😺 A Wave of Software Patches Is Coming. Is Anyone Ready? |
The UK's National Cyber Security Centre issued an unusual warning about what's coming next. AI, the NCSC says, is now capable of unearthing decades of buried software flaws at a scale and speed that the industry's entire patching infrastructure was never built to handle. |
The result? A coming flood of critical updates across every layer of the tech stack, all at once. They're calling it a "patch wave." Organizations that aren't ready will be caught flat-footed. That's the problem the NCSC is trying to get ahead of. As more AI tools gain this capability, the gap between "flaw discovered" and "flaw exploited" shrinks from weeks to hours. The NCSC's guidance is direct: |
Prioritize anything internet-facing first, then work inward Enable automatic updates wherever possible Legacy systems that can't receive patches need to be replaced, not ignored Assume incoming updates will be critical severity, not routine
|
The warning didn't come out of nowhere. In April, Anthropic unveiled Claude Mythos Preview, a model so effective at finding software vulnerabilities that Anthropic refused to release it publicly. During testing, it found over 2,000 previously unknown flaws across major operating systems and browsers, including a 27-year-old bug in OpenBSD and a 17-year-old remote code execution flaw in FreeBSD. Over 99% of what it found remains unpatched today. |
But, the urgency is already materializing. Last week, researchers at security firm Theori used their own AI tool to scan Linux's cryptographic code. It took about an hour. What they found (dubbed "Copy Fail") grants hackers full root access to every major Linux distribution shipped since 2017. One 732-byte script. One hundred percent reliability. A fix exists, but exploit details went public before all distributions had issued patches. |
Why This Matters: You don't run a server. You don't manage patches. But your paycheck, your medical records, and your taxes all live on systems that do. These systems were built assuming bugs get found slowly, by humans, one at a time. That assumption just broke. Anthropic says over 99% of what Mythos found is still unpatched. Copy Fail is just one example of what happens when that window stays open too long. The vulnerabilities are known. The clock is running. The only question is who finds them next. |
|
|
|
|
Most AI tools are brilliant at general knowledge and embarrassingly wrong about your own company. They search scattered docs, stale wikis, and outdated process files — and they do it confidently. |
Guru is the governed knowledge layer that fixes the foundation. One continuously verified source of truth that your AI agents, employees, and workflows all pull from. Correct once — right everywhere. |
Used by Spotify, DHL, and Brex to power enterprise AI that actually works. |
|
→ See how it works |
|
|
YouTuber Paul J. Lipsky just walked through something worth knowing: Gemini can now generate full files — Google Docs, Sheets, Slides, Excel, CSV, PDF, even Markdown directly from a prompt, no copy-pasting required. |
A few things you can do right now: |
Research + doc in one shot. Ask Gemini to look something up and create a Google Doc with its findings. It does both in one go. Turn receipts into a spreadsheet. Upload a bunch of photos or files, ask Gemini to organize them into an Excel or Sheets file with whatever columns you need. Pull from your Drive. Ask Gemini to find an existing file in your Drive and build something new from it like a PDF summary with graphs. Create multiple files at once. You can ask for the same content in several formats simultaneously.
|
One caveat Lipsky flagged: when you ask Gemini to edit an existing Drive file, it duplicates it instead of editing in place. Not ideal, but workable. |
Our favorite use case: feed it a folder of receipts, get a clean expense report ready for export. Saves an embarrassing amount of time. |
Total AI beginner? Start here (goes with this video). |
Have a specific skill you want to learn? Request it here. |
|
|
|
|
|
|
Did you know we have a podcast (The Neuron: AI Explained) where we talk to fascinating people in the industry who teach us how it actually works? Check it out: |
 | Click to view these episodes on YouTube! |
|
New episodes air every week on: Spotify | Apple Podcasts | YouTube |
|
📰 Around the Horn |
 | ChatGPT images are getting so good, people are using them to gaslight their friends. The future is here and it's chaotic. |
|
China blocked Meta's acquisition of AI agent startup Manus, citing national security concerns over foreign acquisition of advanced technology. OpenAI announced it would limit access to GPT-5.5-Cyber to vetted "cyber defenders" only, mirroring the same restricted-rollout approach it previously mocked Anthropic for using with Mythos. Israel's National Cyber Directorate warned CEOs that AI is lowering the barrier to complex cyberattacks, making threats that once required expert hackers accessible to far less sophisticated actors. Meta began tracking employee keystrokes across hundreds of apps including Google, Slack, and LinkedIn as part of an AI training initiative called the Model Capability Initiative. ByteDance's drug discovery unit Anew Labs began presenting AI-designed therapies at major international conferences, including an autoimmune treatment at Immunology2026 in Boston.
|
|
😹 Monday Meme |
 | The startup graveyard keeps getting new residents. Claude just shipped another free feature and somewhere, a founder is updating their LinkedIn from 'CEO' to 'open to work.' |
|
|
|
|
|
| That’s all for now. | | What'd you think of today's email? | |
|
|
P.S: Before you go… have you subscribed to our YouTube Channel? If not, can you? |
 | Click the image to subscribe! |
|
P.P.S: Love the newsletter, but only want to get it once per week? Don’t unsubscribe—update your preferences here. |
