Claude Writes a Kernel Exploit, Q1 Funding Hits $297B

Slack announced its largest update since the Salesforce acquisition, adding over 30 capabilities to Slackbot. Built on Anthropic's Claude, the new Slackbot takes meeting notes across video providers, operates outside the Slack app via desktop actions, executes tasks through third-party tools using MCP, and includes a deep research mode. Slack says some employees save up to 90 minutes daily and positions the update as a step toward an "agentic operating system."

OpenAI closed a $122 billion funding round at an $852 billion post-money valuation, the largest private fundraise in history. Amazon, Nvidia, and SoftBank anchored the round, with SoftBank's commitment alone reaching $110 billion. In an unusual move, OpenAI also accepted roughly $3 billion from individual retail investors through select banks. The company reports $2 billion in monthly revenue and 900 million weekly ChatGPT users.

Global startup funding reached $297 billion in the first quarter, a 2.5x jump over the previous quarter, according to Crunchbase. Four mega-rounds drove the spike: OpenAI's $122 billion, Anthropic's $30 billion, xAI's $20 billion, and Waymo's $16 billion, collectively accounting for 63% of the total. The single-quarter haul exceeds every full year of global VC activity prior to 2019.

Threat actors breached Cisco's internal development environment and stole source code using credentials obtained from the recent Trivy supply chain attack. The incident shows how a single compromised open-source tool cascades into major enterprise breaches. Trivy's initial compromise infected over 1,000 cloud environments, and the stolen credentials gave attackers a direct path into Cisco's internal systems.

Claude discovered and wrote a complete remote code execution exploit for FreeBSD's kgssapi.ko module, chaining a stack buffer overflow in svc_rpc_gss_validate() into a multi-round ROP attack that achieves a root shell. The vulnerability (CVE-2026-4747) affects FreeBSD 13.5 through 15.0 on any NFS server with the module loaded. It's one of the first documented cases of an AI autonomously writing a full kernel-level exploit from discovery to working proof of concept.

A GitHub Copilot Applied Science researcher describes an agent-driven development process where AI agents function as the primary contributors. Three principles drove the speed: conversational prompting over terse instructions, constant refactoring and documentation to keep the codebase agent-readable, and a "blame process, not agents" iteration culture. Five engineers joined the project cold and together shipped 11 agents, four skills, and 28,000 lines of code in under three days.

Datadog's Metrics Summary page was joining 82,000 active metrics against 817,000 configurations, hitting a 7-second p90 latency. Standard fixes like indexing and query tuning didn't work because the problem wasn't the query but using a transactional database for search workloads. The team's solution redefined how Datadog handles data replication across its infrastructure, pushing precomputed data to services rather than joining on demand.

Cheng Lou, the engineer behind React, ReScript, and Midjourney's frontend, released Pretext — a zero-dependency TypeScript library that performs multiline text measurement and layout entirely in userland, bypassing the browser's DOM reflow. At 15KB, it turns text blocks into fully dynamic, responsive spaces that adapt smoothly when other elements intersect or the window resizes. Lou built it using Claude and Codex, and released it under MIT licence.

InfoWorld examines what happens to junior developers when AI handles the tasks companies used to hire them for. The argument: companies still need entry-level engineers, but the role shifts from writing boilerplate to communicating intent clearly, understanding system design, and guiding AI agents. The catch is that the apprenticeship model that produced senior engineers — learning by writing bad code and watching it break — has no obvious replacement yet.

Ethan Mollick argues that AI's capability overhang comes less from model limits than from how people interact with them. Research shows chatbot interfaces create cognitive overload — walls of text, unwanted tangents, sprawling conversations — that offset productivity gains. Less experienced workers, who'd benefit most from AI, are hurt worst. Mollick examines Claude Dispatch and other specialised interfaces as evidence that interface design matters more than raw model intelligence.

Zvi Mowshowitz dissects Anthropic's revised Responsible Scaling Policy, which replaces hard commitments to pause scaling with aspirational goals. The headline change: Anthropic will no longer commit to halting development if safeguards are insufficient, provided a competitor has already crossed the same threshold. Multiple former and current Anthropic employees confirmed the previous RSP was presented as far more binding than it turned out to be, raising questions about voluntary industry safety frameworks.

MiniStack launched as a free, open-source alternative to LocalStack after LocalStack moved to a paid model. It emulates 34 AWS services on a single port, but unlike stubbed endpoints, it uses real infrastructure. RDS runs actual Postgres, ElastiCache runs actual Redis, and ECS starts real Docker containers. No account, no licence key, no telemetry.

AIO Sandbox is an all-in-one Docker environment for AI agent development that bundles a VNC browser, terminal, file system, VSCode Server, Jupyter notebooks, and MCP services in a single container. Files are shared across all interfaces — download something in the browser and it's immediately available in the terminal. SDKs ship for Python, TypeScript, and Golang.

Google released two tools that significantly improve coding agent performance on Gemini API tasks. The Gemini API Docs MCP connects agents to current documentation via Model Context Protocol, while Agent Skills provides best-practice instructions and patterns. Combined, they achieve a 96.3% pass rate on Google's evaluation set while using 63% fewer tokens per correct answer compared to vanilla prompting.

Agents Observe is an open-source dashboard that captures every tool call, file read, and bash command across multi-agent Claude Code sessions in real time. It uses hooks rather than OpenTelemetry to get the full picture, including subagent activity that's invisible in the terminal. Install via the Claude Code plugin marketplace and a Docker container auto-starts on your next session. Especially useful when debugging failures three agents deep in a parallel execution.