Two of the most respected names in enterprise cybersecurity have gone on record: Anthropic’s Claude is writing less secure code than it was six months ago, and they can prove it. The alarm was first raised publicly by Dave Kennedy, CEO of TrustedSec and a former NSA analyst, in a Forbes investigation published April 22. Kennedy’s team had been using Claude Opus to generate attack simulations and accelerate development — until code quality fell off a cliff. ...

If you’ve ever configured Claude Code to block dangerous shell commands, there’s something you need to know: those rules may not have been protecting you the way you thought. A critical vulnerability, first disclosed by security firm Adversa AI and confirmed by SecurityWeek, reveals that Claude Code’s user-configured “deny rules” — the mechanism designed to block dangerous operations like rm, curl, and unrestricted network access — silently stop working when a command chain exceeds approximately 50 subcommands. ...

Model Context Protocol is the new API layer for AI agents — and enterprises are deploying it without understanding the security and governance implications. Cloudflare just published the reference architecture that should be required reading before any serious MCP deployment goes to production. The full Cloudflare enterprise MCP guide dropped April 14, backed by comprehensive developer documentation. It’s based on real-world data from 241 billion tokens processed for 3,683 users — not theory. ...

Zero trust isn’t just for humans anymore. Google Cloud has just handed every AI agent a digital identity card — and those cards come with cryptographic teeth. Announced at Google Cloud Next ‘26 in Las Vegas (April 22–24), the new Gemini Enterprise Agent Platform assigns every AI agent — whether built by Google or running as a third-party integration — a unique SPIFFE-based cryptographic identity backed by auto-rotating X.509 certificates that refresh every 24 hours. ...

Google’s autonomous research agent has leveled up in a meaningful way. Deep Research Max, announced this week alongside a suite of Google Cloud Next ‘26 launches, is a serious step toward AI-driven research that doesn’t just search — it synthesizes, visualizes, and integrates with your existing tooling through native MCP support. The short version: it can run up to 160 autonomous web searches, generate native charts and infographics from what it finds, and connect to your internal data sources via Model Context Protocol — all through a single API call. It’s in public preview now. ...

If you’ve ever tried to get an AI agent into production, you know the pain: weeks of infrastructure work before the agent itself handles a single real request. Storage, authentication, compute, deployment pipelines — all of it before you can even test whether your agent logic is any good. Amazon Web Services just announced a wave of new features in Amazon Bedrock AgentCore that are specifically designed to eliminate that friction. ...

Anthropic’s Head of Growth Amol Avasare just said something that should get the attention of anyone running agents through Claude: the Pro and Max subscription tiers “fundamentally no longer match how people are using Claude.” This isn’t speculation about future pricing direction. It’s a public signal from inside Anthropic that the company’s subscription model has been structurally overtaken by how real users — especially developers and agent builders — are actually using the product. ...

Three-quarters of new code written at Google is now generated by AI. That number — disclosed by CEO Sundar Pichai at Google Cloud Next 2026 — is significant not just for its size, but for how fast it got there. In late 2024: 25%. Last fall: 50%. Today: 75%. That’s a tripling in roughly 18 months. At one of the world’s largest software engineering organizations. What Google Is Actually Doing The AI-generated code at Google isn’t replacing engineers — it’s going through them. Every line is reviewed and approved by a human engineer before it ships. The shift is in where the initial work happens: increasingly, the first draft comes from AI tools, and engineers spend their time reviewing, correcting, and directing rather than typing from scratch. ...

Amazon Bedrock AgentCore just shipped a managed agent harness that lets you go from zero to a running LangGraph agent in three API calls. This tutorial walks you through it — from setup to first real request. Time required: ~10 minutes Prerequisites: AWS account, Python 3.10+, AWS CLI configured Frameworks supported: LangGraph, CrewAI, LlamaIndex, Strands Agents Why AgentCore’s Managed Harness Changes the Game Before AgentCore’s new features, getting an agent into a production-grade environment meant wiring up: ...

Hugging Face just shipped something that deserves more attention than it’s gotten: an open-source AI agent that automates the entire LLM post-training workflow — and on scientific reasoning benchmarks, it’s already outperforming Anthropic’s Claude Code. Meet ml-intern. What ml-intern Actually Does Built on Hugging Face’s smolagents framework, ml-intern operates as a continuous autonomous loop that mirrors how an ML researcher actually works. It doesn’t just run scripts — it thinks through the problem iteratively: ...