Moonshot AI's Kimi K3 (2.8T parameters, the largest open-weight model yet) beat Claude Fable 5 on the Frontend Code Arena benchmark, triggering a wave of 'second DeepSeek moment' coverage and a market dip in US tech stocks.
Thinking Machines Lab's Inkling (975B parameters, Apache 2.0) landed the same week as the new best American open-weight model, with day-0 vLLM support hitting 380 tokens/sec per user on GB200s.
A researcher found a working exploit in Claude's web_fetch exfiltration defenses, and a separate incident burned $14,000 in AWS billing in a day via leaked keys — both fed a wave of new agent guardrail tooling and the new AWS Claude Apps Gateway control plane.
AWS, Google Cloud, and Oracle all pushed deeper into owning agent infrastructure, from Modal's 1-million-concurrent-sandbox scheduler to Oracle folding no-code, low-code, and pro-code agent building into one platform.
A Hacker News measurement found a single Wikipedia page costs a coding agent 68,000+ tokens of raw HTML — a sharp reminder that unfiltered web_fetch is a cost problem as much as a security one.
Latent Space's AINews digest reports Codex usage up more than 10x in six months to 7M users, gaining 1M in a single day, and asks whether it has overtaken Claude Code.
Two open-weight models reset the frontier conversation this week. Moonshot AI's 2.8-trillion-parameter Kimi K3 beat Claude Fable 5 on coding benchmarks, while Thinking Machines Lab's 975B-parameter Inkling became the new best American open-weight release under Apache 2.0. Both got day-0 serving support from vLLM and Modal — infrastructure is no longer the bottleneck to running frontier-scale open weights.
That capability race is running into a security reckoning. A researcher found a working hole in Claude's web_fetch exfiltration defenses, and a three-person agency burned $14,000 in a day after leaked keys let attackers hammer Bedrock — both exposed the same gap: guardrails built for human-speed mistakes can't catch agent-speed damage. AWS and Google moved to fill it with new control planes and spend caps.
The durable implication: as open models close the capability gap and cloud vendors compete to host agent workloads, the differentiator shifts to who controls the agent's blast radius — not just who has the best model.
Open-Weight Frontier Shakeup: Kimi K3 and Inkling 7 items
Two open-weight releases — Kimi K3 from China and Inkling from the US — landed in the same week, each claiming the title of largest or best open-weight model and each shipping day-0 inference support.
Moonshot AI's Kimi K3 lands as a 2.8-trillion-parameter model, its largest open-weight release yet; Simon Willison walks through what the pelican SVG benchmark can and can't tell you about a model this size.
Kimi K3 beats Claude Fable 5 on the Frontend Code Arena benchmark — the largest open-weight model ever shipped, built to work around US compute export limits.
Thinking Machines Lab ships Inkling, a 975B-parameter multimodal model (with a 276B 'Small' variant) under Apache 2.0 — the new best American open-weight model, per Latent Space's AINews digest.
Interconnects calls this stretch 'the most serious test yet' of open source AI's viability, with Kimi K3 and Inkling landing days apart as the sharpest closed-vs-open comparison in months.
Agent Security and Guardrails Take Center Stage 6 items
A real Claude exfiltration exploit and a $14,000 agent-driven AWS bill exposed how far guardrails lag agent-speed damage, and cloud vendors responded with new control planes.
Security researcher Ayush Paul found a working hole in Claude's web_fetch exfiltration defenses; Simon Willison walks through the exploit and what it means for prompt-injection-resistant tool design.
A three-person agency ate a $14,000 AWS bill in one day after leaked static keys let attackers burn Claude invocations on Bedrock — InfoQ's read: guardrails built for human-speed mistakes can't catch agent-speed spend.
AWS and Anthropic shipped the Claude Apps Gateway, a self-hosted control plane centralizing identity, policy, telemetry, routing, and spend caps for Claude Code and Claude Desktop deployments.
Google's Genkit Agents API goes preview for TypeScript and Go, packaging tool loops, streaming, and state persistence behind one chat() call, with detached turns for human-in-the-loop approval steps.
Google Cloud introduces k8s-aibom on GKE, generating automated AI bills-of-materials so security teams can find unregistered 'shadow AI' workloads that dodge traditional scanners.
Gate.cat blocks a coding agent's rm -rf before it runs — one of several new tools this week built specifically to put a brake on agent actions before they execute.
Cloud Giants Race to Own Agent Infrastructure 6 items
AWS, Google Cloud, and Oracle all shipped infrastructure or platform launches this week aimed at owning where enterprise agents run and scale.
Modal details the scheduling system behind scaling to 1 million concurrent sandboxes per workspace in seconds — the infrastructure problem underneath every 'spin up an agent instantly' product claim.
Google Cloud lays out what running Claude at enterprise scale actually requires: accelerator management, cross-continent latency, in-region regulated data, and reliable long-context serving.
Google Cloud ships 13 hands-on demos for its Gemini Enterprise Agent Platform, covering build, scale, govern, and optimize workflows for teams standing up agents.
Oracle's AI agent builder now spans no-code, low-code, and pro-code development in one platform, following its move to open Fusion Agentic Applications to coding agents directly.
AWS launches Amazon Quick as an agentic AI teammate for sales orgs, covering the full cycle from prospect identification through deal-closing follow-up.
Coding Agent Tooling and Context Engineering 8 items
New benchmarks, tracing tools, and token-cost measurements gave platform teams sharper data on how coding agents actually behave in long sessions.
A Hacker News measurement: a single Wikipedia article costs a coding agent 68,240 tokens of raw HTML, and Nike's homepage costs 353,000 — a reminder that unfiltered web_fetch is a token-budget hazard, not just a security one.
A team ran a single agent session through all 89 sequential Terminal Bench 2.0 tasks — over 80 million tokens — with no measurable accuracy loss and no compaction, challenging assumptions about when context needs pruning.
MarkTechPost scores Mistral Vibe for Code, Claude Code, Cursor, and Codex head-to-head on one scaffold-to-PR task, giving platform teams a rare apples-to-apples agent comparison.
Latent Space's AINews digest reports Codex usage up more than 10x in six months to 7M users, gaining 1M in a single day, and asks whether Codex has overtaken Claude Code based on the numbers each side is publishing.
LangChain ships LangSmith tracing for coding agents across Claude Code, Codex, Cursor, and Copilot, so teams can inspect tool calls, subagents, errors, and costs instead of treating the agent as a black box.
Anthropic details how Cursor used CursorBench to validate that Claude Fable 5 was ready for the hardest 1% of coding problems before shipping it as a default.
Anthropic publishes best practices for running Claude Code in large codebases — where to start and what changes once a repo outgrows single-file context.
Evals and Production AI Engineering Practice 4 items
Conference talks and new benchmarks converged on the same point this week: production AI now lives or dies on evals and harnesses, not prompts.
QCon AI Boston's throughline: production AI has moved past prompt engineering into platforms, harnesses, and evals, with context management and security among the top operational themes.
Stripe's new benchmark suite tests whether AI agents can build real Stripe integrations end-to-end; the finding: agents build the integration but struggle to validate it actually works.
Inngest breaks down when to reach for online versus offline AI evals, and why conflating the two hides real production failures.
Frontier Lab Updates: Anthropic, OpenAI, Google 5 items
Anthropic, OpenAI, and Google published a mix of safety, ROI, and research commitments this week, a steady drumbeat of frontier-lab output alongside the bigger model and infrastructure stories.
OpenAI CFO Sarah Friar introduces a scorecard for measuring AI ROI: useful work delivered, cost per successful task, dependability, and return on compute — a framework aimed at cutting through vague productivity claims.
OpenAI stakes out a 'reverse federalism' position on AI governance, arguing state-level laws should build toward a coherent national safety framework rather than compete with it.