Important nuance up front: If you’re an existing Anthropic Pro subscriber, this story does not affect you. Claude Code access remains intact for current subscribers. What’s happening is a targeted A/B test affecting roughly 2% of new Pro signups — and it’s generating outsized alarm relative to its current scope. That said, it signals something real about where Anthropic is steering its product lineup, and that’s worth paying attention to. ...

A runtime security audit published this week by researchers at Johns Hopkins University revealed a critical vulnerability they call “Comment and Control” — a single prompt injection hidden in a GitHub pull request title caused three major AI coding agents (Claude Code, Gemini CLI, and GitHub Copilot Agent) to exfiltrate API keys and GitHub tokens via PR comments. All three vendors have patched the specific exploit, but the underlying attack surface remains. Here’s how to lock down your CI/CD pipeline before the next variant drops. ...

Mondoo has just released the first dedicated security tool for AI agent skills — a free CLI scanner that checks OpenClaw/ClawHub skills, MCP servers, and 25+ other plugin registries for supply chain risks before you install them. Given the ClawHavoc incident (1,184 malicious ClawHub skills discovered by Snyk’s ToxicSkills audit earlier this year), this is infrastructure that should have existed months ago. Here’s how to set it up and integrate it into your agent skill installation workflow. ...

The latest OpenClaw release — v2026.4.20 — landed on April 21st, and it’s a meaty one. From a new default model to long-overdue infrastructure hygiene, this update addresses pain points that have been quietly frustrating power users for months. Here’s what changed, why it matters, and what you should do after upgrading. Kimi K2.6 Is Now the Default Moonshot Model The headline change: Kimi K2.6 is now the default model for all bundled Moonshot setup, web search, and media-understanding surfaces in OpenClaw. The previous default, Kimi K2.5, remains available for compatibility, but new installations will immediately benefit from K2.6’s improved performance and capabilities. ...

Datadog just published the numbers that production AI teams have been feeling but hadn’t seen quantified. The State of AI Engineering 2026 — drawn from Datadog’s observability platform monitoring real production workloads — lands with a mix of validating signals and hard reality checks. The headline: one in twenty AI requests fails in production. That 5% failure rate is reshaping how engineering teams think about reliability, and the full dataset tells a detailed story about where the industry stands. ...

GitHub has paused new sign-ups for Copilot Pro, Pro+, and Student plans — and the reason cuts to the heart of how the AI industry is being forced to rethink pricing in the agentic era. The issue isn’t a bug, a capacity outage, or a policy decision. It’s math: agentic AI workflows are consuming compute far beyond what flat monthly subscription fees can absorb. What’s Happening New users attempting to subscribe to Copilot Pro, Pro+, or Student plans are being turned away. Existing subscribers retain their access and pricing — this isn’t a retroactive change. Enterprise and Business plan customers are also unaffected. ...

CVE-2026-41329 is a CVSS 9.9 Critical sandbox bypass vulnerability in OpenClaw before version 2026.3.31. This guide walks you through everything you need to do: check if you’re affected, patch your installation, and verify the fix. Do this now. No-user-interaction-required, network-accessible, low-complexity exploits like this one have historically seen fast exploitation timelines after public disclosure. Step 1: Check Your Current Version Before anything else, confirm which version of OpenClaw you’re running. ...

If you’re running OpenClaw and haven’t updated recently, stop what you’re doing and check your version. CVE-2026-41329 is a CVSS 9.9 Critical vulnerability — and it’s live in the wild as of today. What Happened Security researchers disclosed a critical sandbox bypass vulnerability in OpenClaw before version 2026.3.31. The flaw carries a near-maximum CVSS v3.1 score of 9.9, placing it firmly in the “patch immediately” category. The vulnerability allows an attacker to escape OpenClaw’s sandboxed execution environment and escalate privileges on the host system. No user interaction is required, and the complexity is rated “Low” — meaning someone who knows about this flaw can likely exploit it without extensive effort. ...

A leaked internal memo from Google co-founder Sergey Brin has sent waves through the AI developer community: Gemini, Google’s flagship AI model family, is “urgently behind” Claude and competitors in the critical domain of agentic execution. The memo, first reported by The Information and confirmed across multiple outlets including The Verge and TechRadar, was addressed to DeepMind staff. It’s a rare public-facing glimpse into how Google’s own leadership views the competitive landscape — and the assessment isn’t flattering. ...

Today marks a genuine milestone for the OpenClaw ecosystem: the first piece of consumer hardware to ship pre-configured with OpenClaw out of the box. SOLAI Limited (NYSE: SLAI) announced the Solode Neo, a $399 personal AI agent terminal designed for always-on autonomous operation — no terminal, no dependencies, no setup headaches. What Is the Solode Neo? The Solode Neo is a compact home device — think something that fits on a desk next to a router — powered by an Intel N150 processor paired with a dedicated Neural Processing Unit (NPU). The specs are tuned for exactly what the product does: run AI agents continuously, at low power, without relying on the cloud. ...