Right. The quiet stretch you were promised did not materialise. Down to it.
Opus 4.7 is live across Claude, the API, Bedrock, Vertex, Foundry, Copilot, and Cursor — all on the same day, at the same $5/$25 per million tokens as 4.6. SWE-bench Verified jumped to 87.6%, SWE-bench Pro to 64.3%, CursorBench to 70%; the model adds a new "xhigh" reasoning tier and a self-verification pass. It's the frontier-coding release of the week and is already the default model behind most of the other stories below. If your team is on 4.6, plan the move. Anthropic AWS Bedrock
A Johns Hopkins team demonstrated that malicious text in PR titles, issue bodies, and comments can coerce Anthropic's Claude Code Security Review, Google's Gemini CLI Action, and GitHub Copilot Agent into exfiltrating API keys, GitHub tokens, and repo secrets — bypassing Copilot's environment filtering, secret scanning, and network firewall. Vendors paid modest bug bounties. None issued CVEs or public advisories, which means users on vulnerable versions don't know they're users on vulnerable versions. If you run any of these three on untrusted PRs, that's an action item today, not a thinking exercise. The Register Technical writeup
Anthropic used Opus 4.7's launch window to reshape Claude Code itself. Routines let you save a Claude Code configuration — prompt, repos, connectors — and run it on Anthropic's cloud on a schedule or webhook; deploy verification and alert triage are the obvious targets. The desktop app has been rebuilt around an integrated terminal, a faster diff viewer, in-app file editing, and multi-session. CLI 2.1.111 adds /ultrareview parallel multi-agent code review, an Opus 4.7 xhigh slider, PowerShell support, and sharper permission prompts. Taken together, Claude Code now ships as a platform rather than a wrapper. Routines Desktop redesign Changelog
A fine-tune of GPT-5.4 trained to accept the dual-use security tasks — binary reverse engineering, vulnerability discovery, malware analysis — that base models normally refuse. Access is gated through the expanded Trusted Access for Cyber program, now open to thousands of verified defenders. Lands one week after Anthropic's restricted Claude Mythos Preview, formalising a vendor split over who gets to point frontier models at zero-day hunting. Read it alongside the prompt-injection story above: the defensive-tooling arms race and the attack surface are expanding in parallel, which is more or less the permanent condition now. OpenAI Implicator
Adobe has decided brands now need to manage what AI systems think they know, not just what humans see, so it rolled out a brand-visibility layer tying together Experience Manager, Commerce, LLM Optimizer, and Brand Concierge. Sensible, if faintly bleak: once chat interfaces become the front door, someone was always going to start selling better signage. Source
Cloudflare says 93% of its R&D organisation now uses AI coding tools on an internal stack built from its own products, with MCP portals, AGENTS.md generation, AI Gateway routing, Workers AI, and CI-native review all wired together into one system. Useful mainly because it replaces the usual transformation theatre with actual numbers and architecture, which remains an exotic choice in this industry. Source
An Anthropic Labs research preview that turns prompts, uploads, and web captures into prototypes, slides, one-pagers, and marketing assets, using Opus 4.7. It reads your codebase and design tokens to stay on-brand, exports to PDF, PPTX, Canva, and HTML, and hands off cleanly to Claude Code. Figma's stock, tellingly, did not enjoy the announcement. Available to Pro, Max, Team, and Enterprise. Anthropic
OpenAI extended its ChatGPT ads pilot beyond the US. Sponsored results appear only for logged-in adults on Free and Go tiers; paid tiers remain ad-free, sensitive topics are excluded, targeting is contextual. The test is the monetization tell — OpenAI has committed to ads, and the rollout geography is the only remaining variable. AdNews
The Codex desktop app picked up an in-app browser for commenting on rendered pages, a macOS Computer Use capability for driving native apps, and a GitHub PR review workflow that lets Codex triage diffs and respond to comments inside the app. Chats, thread automations, an artifact viewer, alpha SSH remote connections, and multi-window support also shipped. The coding-agent category continues to stop being "a chat with tools." Codex changelog
Perplexity pulled its desktop agent off the waitlist for Max subscribers. Press both Command keys and a Comet agent reads local files, drives native Mac apps by text or voice, and orchestrates tasks across twenty-odd frontier models. Perplexity's framing — the Mac mini as an always-on digital worker you manage from your phone — is ambitious, and the kill switch and reversible-actions posture suggests they at least anticipated the objections. Treat this as a meaningful expansion of "where agents live" rather than as a finished product. Perplexity MacRumors
The biannual Radar landed fully agent-pilled, with four AI-centric themes: evaluating tech in an agentic world, retaining software-engineering principles while relinquishing patterns, securing permission-hungry agents, and — in the theme of the week — putting coding agents on a leash. It formalises harness engineering, Agent Skills, feedback sensors, and codebase cognitive debt as the vocabulary the rest of the industry is about to standardise on. Worth a read if you're making 2026 tooling decisions. Thoughtworks Macro trends post
Separate release from 3.1: Cursor agents can now respond with live interactive canvases — React-style visualisations built from first-party components (tables, charts, diagrams, diff viewers) alongside terminals, browsers, and source control in the Agents Window. Durable artifacts for PR reviews, eval analyses, and incident post-mortems, instead of walls of chat text. A meaningful shift in what an agent can show you, not just tell you. Cursor blog Changelog
v0.14+ folds the harness and sandbox directly into the SDK: configurable memory, Codex-like filesystem tools, standardised MCP, AGENTS.md and apply-patch integration, and a new SandboxAgent abstraction with snapshotting and rehydration. You can bring your own sandbox provider (Blaxel, Cloudflare, Daytona, E2B, Modal, Runloop, Vercel) or mount local and cloud storage. The distance from prototype to production agent shortened noticeably on OpenAI models. OpenAI TechCrunch
Oracle and Bloom Energy signed a master services agreement for up to 2.8 gigawatts of solid-oxide fuel cells, with 1.2 GW already contracted and deploying through 2027. Grid-connection waits of up to seven years and a gas-turbine shortage have made on-site generation the default answer to AI compute demand. Given Oracle's $300B OpenAI infrastructure contract, this is a lead indicator for the rest of the hyperscale buildout. Bloom Energy The Register
Anthropic has received investor interest valuing it at roughly $800B on secondary markets — more than double February's $380B primary round — with run-rate revenue reportedly hitting $30B in April, up from $9B at year-end 2025. Some OpenAI investors are quietly questioning whether OpenAI's $852B valuation holds without a $1.2T+ IPO to absorb it. The two-horse race has become closer-run than either side will admit in public. TechCrunch
Notion cut Custom Agent run costs 35–50%, introduced AI Autofill to keep databases enriched on their own, added saveable Skills for the Notion Agent, and shipped Calendar, Mail, and Slack integrations plus voice dictation. An API for pulling AI Meeting Notes transcripts also landed, which will quietly become a lot of other products' data source. A meaningful step from "AI features in Notion" to "AI teammates that live in Notion." Notion
At the Semafor World Economy summit, Jack Clark confirmed Anthropic briefed the Trump administration on Mythos — the model Anthropic announced April 7 and is holding back from public release over its cybersecurity capabilities. Trump officials have been pushing JPMorgan, Goldman, Citi, BofA, and Morgan Stanley to evaluate it, all while Anthropic is simultaneously suing the Department of Defense over a supply-chain-risk designation. A novel posture: sue and cooperate. TechCrunch Bloomberg
Reading UK AISI's Mythos evaluation, Breunig observes that vulnerability discovery now scales linearly with tokens spent — so the model for hardening software is economic: spend more tokens finding exploits than attackers will spend exploiting them. A side effect: open-source libraries become more valuable because the security tokens spent on them are amortised across every downstream user, which cuts hard against the "just vibe-code a replacement" instinct. One of the more useful framings of the week. dbreunig.com
Copilot CLI now lets you invoke a model from a different family — Claude reviewing Codex's work, or vice versa — to critique the primary agent's plan and diffs. A concrete take on cross-family code review inside a single agent, targeted at the blind spots one model tends to repeat. I'm told rubber ducks used to be made of rubber. Now they cost inference. GitHub
Osmani argues AI has inverted the review economy — juniors now generate code faster than seniors can audit it, and neither tests nor specs close the gap. He cites a recent Anthropic study showing engineers using AI scored 17% lower on comprehension quizzes of their own codebases. Velocity metrics hide a compounding debt in how much of the system anyone actually understands. The companion read to Cantrill; if you manage an AI-augmented team, this is the one to circulate. O'Reilly Radar Addy Osmani
Giannandrea, recruited from Google in 2018 to lead Apple's AI effort, officially left on April 15 as his final stock options vested. His portfolio — foundation models, AI testing, Siri, robotics — has been split among Craig Federighi, Eddy Cue, and Sabih Khan. The tenure is widely viewed as having failed to deliver on Siri or Apple Intelligence. Apple's next AI strategy is now a committee. Consider the implications. MacRumors
Steve Yegge posted that Google engineering looks like John Deere: 20% power users, 20% refusers, 60% still on chat-style AI, with an 18-month hiring freeze keeping fresh thinking out. Demis Hassabis and Addy Osmani rebutted publicly, citing 40,000+ weekly agentic-coding engineers, Antigravity, Gemini CLI, internal orchestrators, and virtual SWE teams. Both accounts are probably true. The useful signal for a mid-market team: even the frontier labs have wildly uneven adoption curves, so yours is not the anomaly. VentureBeat Simon Willison's notes
The first point release after Cursor 3's agent-first rebuild. Tiled layout lets multiple agents run in parallel panes with persistent sessions; batch voice input via Ctrl+M arrives with waveform and timer controls; branch selection when launching cloud agents; include/exclude filters for file search; and a meaningful perf pass — roughly 87% fewer dropped frames on large edits. Small release, but the tiled layout is the one to actually try. Cursor changelog
Cantrill argues that Larry Wall's programmer virtue of laziness — the hard work of finding the right abstraction — is exactly what LLMs don't have. Work costs them nothing, so left alone they pile onto what he calls a layercake of garbage rather than simplifying. He dissects Garry Tan's 37,000-lines-of-code-per-day newsletter app as Exhibit A and points to Oxide's published LLM usage guidelines as a workable alternative. Sharp, not reactionary, and worth the fifteen minutes. bcantrill.dtrace.org
Dismissed. Try to act on at least one of these before I have to assemble another.