xAI is pushing Grok from chat into app and automation building. The beta combines Plan Mode, Imagine media generation, and a CLI for automations, and the launch post drew more than 53 million views.
AI media provenance is moving into search and browsers, not just model demos. Google DeepMind says SynthID has watermarked over 100 billion items, while OpenAI, ElevenLabs, and Kakao will add the watermark to more generated content.
Claude products now touch real tools, so the risk question is shifting from model persuasion to execution boundaries. Anthropic says users approved about 93% of Claude Code permission prompts, a number that weakens human-in-the-loop defenses.
The discussion focused on a sharper bottleneck than GPU branding: memory is becoming the largest cost center in AI infrastructure.
The Megalodon campaign pushed 5,718 malicious commits into 5,561 GitHub repositories in roughly six hours. The target was not just application code, but GitHub Actions workflows that can expose cloud credentials, CI secrets, and deployment tokens.
TrapDoor pushed more than 34 malicious packages across npm, PyPI, and Crates.io after May 22. The sharpest twist is not just credential theft, but the attempt to poison .cursorrules and CLAUDE.md files read by AI coding assistants.
Meituan’s LongCat team released an audio-driven avatar video model with Diffusers examples and an MIT license on Hugging Face. The project compares against HeyGen, Kling Avatar 2.0, and OmniHuman-1.5.
Reddit’s discussion focused on feasibility: can hidden audio survive microphones, speakers, and compression well enough to trigger real commands?
The thread focused on a concrete supply-chain link: HBM demand for AI racks can squeeze DDR and LPDDR supply for everyday devices.
Bumblebee is a read-only scanner for macOS and Linux developer endpoints. Perplexity says it checks risky packages, MCP configs, editor extensions, and browser extensions without invoking package managers or install scripts.
Anthropic says Project Glasswing used Claude Mythos Preview to surface more than 10,000 high- or critical-severity vulnerabilities. The sharper signal is operational: verification, disclosure, and patching may now lag behind AI-assisted discovery.
GitHub confirmed on May 20, 2026 that threat group TeamPCP exfiltrated approximately 3,800 internal repositories after a GitHub employee installed a trojanized Nx Console VS Code extension that was live on the marketplace for just 11 minutes. Stolen credentials include 1Password vaults, Anthropic Claude Code configurations, npm, GitHub, and AWS tokens; TeamPCP is seeking $50,000 for the data on underground forums.