Two separate Anthropic leak stories broke on April 13, and they’re best understood as a single strategic move: Anthropic is building a full-stack AI coding platform. Not just a better chat interface. Not just a stronger model. A vertically integrated development environment spanning code generation, multi-agent orchestration, and application deployment. Project Epitaxy: Claude Code Gets a Power-User Overhaul Anthropic has been internally testing a major Claude Code desktop redesign under the codename “Epitaxy.” The project first surfaced in late March alongside the broader Claude Code source code leak, but new details reported by TestingCatalog — corroborated by timesofai.com and HandyAI newsletter — paint a picture of something more complete than early experimental screenshots suggested. ...

A developer investigating unexpected behavior from a Vercel plugin installed alongside Claude Code has uncovered what appears to be undisclosed data collection — including bash command strings and session-level data — occurring in projects that have nothing to do with Vercel. The findings, reported by TechRadar, were themselves discovered using Claude as an investigation tool, creating a notable meta-story: Claude was used to expose privacy concerns in a plugin bundled with Claude Code. ...

Three separate Anthropic stories broke on April 13, and read together they form a single narrative: developer trust in Claude is under sustained pressure, from reliability to quality to transparency. The Outage Claude.ai went down. Not for long — the incident lasted from 15:31 to 16:19 UTC, roughly 48 minutes — but the timing and the way Anthropic communicated it added fuel to an already active fire. The official status page described “elevated error rates” affecting both Claude.ai and Claude Code, attributing it to “capacity-balancing measures.” ...

After a developer recently used Claude itself to discover that a Vercel plugin bundled with Claude Code was collecting bash commands and session data beyond its stated scope, the question of plugin supply-chain safety has moved from theoretical to immediate. This checklist gives you a practical process for auditing what your Claude Code plugins are actually doing. Related news: Claude Code’s Vercel Plugin Quietly Collected Bash Commands — A Developer Used Claude to Expose It ...

When Microsoft Corporate VP Omar Shahine told The Information that the company is “exploring the potential of technologies like OpenClaw in an enterprise context,” it wasn’t just a throwaway quote. It was confirmation of something the AI industry has been watching develop for months: the open-source, locally-run agentic model pioneered by OpenClaw is now the benchmark that every major tech company is measuring itself against. What Microsoft Is Actually Building According to reporting confirmed across TechCrunch, The Verge, CNET, XDA Developers, and Tech Startups — all citing The Information’s original piece — Microsoft is working to embed always-on, inbox-monitoring capabilities directly into Microsoft 365 Copilot. The envisioned features would: ...

If you’ve been waiting for a real, production-grade platform to run long-lived AI agents — not toy demos, but agents that can clone repositories, install dependencies, execute multi-step tasks across sessions, and actually persist state — Cloudflare just made a major move in that direction. This week, Cloudflare officially kicked off Agents Week, a dedicated event showcasing a significant expansion of its Agent Cloud platform. The headline announcements: persistent Linux Sandboxes are now generally available, and Think, a new Agents SDK framework purpose-built for long-running, multi-step agent workflows, is shipping alongside it. ...

Gartner doesn’t usually traffic in alarm. When the world’s most influential tech analyst firm publishes a forecast saying a quarter of enterprise GenAI applications will face recurring security breaches by 2028, it’s worth reading carefully. The new prediction: 25% of all enterprise GenAI applications will experience at least five minor security incidents per year by 2028, up from just 9% in 2025. And the culprit the analysts are pointing to most explicitly isn’t prompt injection or model vulnerabilities — it’s MCP, the Model Context Protocol, and the broader architectural patterns of agentic AI. ...

Cloudflare’s Agents Week brought two tools that, combined, solve one of the most persistent infrastructure problems in production agentic AI: how do you run agents that actually do work across multiple sessions without losing state? This guide walks through building a persistent long-running agent using Cloudflare’s GA Linux Sandboxes and the Think SDK. Both are now generally available — meaning this is production-ready infrastructure, not a preview. What You’re Building A persistent agent that can: ...

When Mark Zuckerberg can’t be everywhere at once, Meta has a solution: build an AI version of him that can. According to reports confirmed across multiple outlets including the Irish Times, India Today, and Mint — citing an original Financial Times investigation — Meta is actively developing a photorealistic AI avatar of Mark Zuckerberg designed to interact with employees. The AI Zuckerberg is intended to communicate with staff at scale in ways the human Zuckerberg simply can’t. ...

Here’s the uncomfortable truth about deploying AI agents in enterprise cloud environments: the threat model most security teams are using is wrong. They’re thinking about agents as external attack surfaces — inputs to sanitize, outputs to validate. But Palo Alto Networks’ Unit 42 research team just demonstrated something more insidious: your agents can become insider threats from within your own cloud. The target of their latest research is Google Cloud’s Vertex AI Agent Engine, and the findings are significant enough that Google updated its documentation following responsible disclosure. ...