Today: Anthropic's Mythos Preview security model is finding a lot of bugs, but plugging those holes is still a challenge, an unlikely company joins the $1 trillion club, and the latest funding rounds in enterprise tech.
Today: GitHub and Grafana share more details on how hackers stole their code, Google Cloud booted Railway off its infrastructure for no clear reason, and the latest enterprise moves.
Today: Google unveils new AI models and developer tools as it seeks to get in on the agentic coding race, believe it or not, another supply chain attack targeting npm packages just dropped, and the latest funding rounds on enterprise tech.
Today: Anthropic's Mythos Preview security model is finding a lot of bugs, but plugging those holes is still a challenge, an unlikely company joins the $1 trillion club, and the latest funding rounds in enterprise tech.
Welcome to Runtime! Today: Anthropic's Mythos Preview security model is finding a lot of bugs, but plugging those holes is still a challenge, an unlikely company joins the $1 trillion club, and the latest funding rounds in enterprise tech.
Please forward this email to a friend or colleague! If it was forwarded to you, sign up here to get Runtime each week, and if you value independent enterprise tech journalism, click the button below and become a Runtime supporter today.
It was a little hard to know what to make of Anthropic's Project Glasswing in the days after it was announced last month as an invite-only study group based around its Mythos Preview model. AI models had already shown potential to find undiscovered software vulnerabilities; what made Mythos so special, and why did Anthropic feel the need to heighten the drama (and risk a marketing backfire) with a warning to enterprise tech that it was too dangerous to release to the public?
Late last week Anthropic released more details about Project Glasswing's progress so far putting Mythos Preview to work hunting bugs across the code bases of its participants as well as thousands of open-source projects, and it's working. "After one month, most partners have each found hundreds of critical- or high-severity vulnerabilities in their software. Collectively, they’ve found more than ten thousand," the company said in a blog post.
Anthropic shared more details about its work with Mythos Preview on open-source projects, which anyone can scan for vulnerabilities at any time using existing AI models. It scanned 1,000 open-source projects over the last month as well as the software running its own infrastructure, and found over 6,000 really bad bugs.
Still, knowing where to look is a big deal for overworked security teams, who were already struggling to keep up with security alerts from existing tools that often wasted their time and patience with false positives. But AI security models will create even more work for those teams in the short term.
The memory-chip shortage is likely to get worse before it gets better, thanks to the nature of AI workloads and the insatiable demand from hyperscalers to serve those workloads. But that's good news for companies that sell memory chips, who are moving every chip they can make out the door as fast as possible right now.
After an upgrade from UBS Tuesday morning, Micron ended the trading day valued at just over $1 trillion, a nearly 20% jump from last Friday. "We believe the market will start to put a more ‘normal’ multiple on the stock and MU will continue to re-rate higher as more details emerge about the structural changes AI has driven to the entire memory complex,” UBS analysts wrote, according to CNBC.
Part of the reason for their enthusiasm is that the big players are locking up as much future memory chip supply as they can get, according to the report. As data centers get harder to build, the frenzy will likely die down, but if you bump into a Micron employee this week, they're buying.
Hark raised $700 million in Series A funding to build a new type of AI personal assistant based around custom hardware and software.
Exa landed $250 million in Series C funding for its AI search technology, which was designed specifically for agents.
OpenRouter scored $113 million in Series B funding for its AI inference platform, which allows developers to add the option of using multiple AI models into their apps.
Socket raised $60 million in Series C funding for its security software, which helps companies deal with the surge in attacks targeting package managers.
Tribal landed $10 million in seed funding for its AI agents, which help software developers incorporate the full context of their company's data when using AI coding agents.
Canyon Code launched with $5 million in pre-seed funding for its "app-level optimization" technology, which helps developers tweak the performance of apps that use more than one AI agent.
The White House is automatically installing its new app on every government-issued smartphone used by employees and staffers, according to Government Executive, which is also going to create a lot of work for federal cybersecurity teams.
Dropbox CEO Drew Houston announced plans to step down as CEO 19 years after co-founding the cloud storage company, but he will remain executive chairman.
Thanks for reading — see you Thursday!
Today: GitHub and Grafana share more details on how hackers stole their code, Google Cloud booted Railway off its infrastructure for no clear reason, and the latest enterprise moves.
Today: Google unveils new AI models and developer tools as it seeks to get in on the agentic coding race, believe it or not, another supply chain attack targeting npm packages just dropped, and the latest funding rounds on enterprise tech.
Today on Product Saturday: Microsoft unveils an AI harness for security teams, Notion expands into developer tools, and the quote of the week.
Today: Three announcements this week show how enterprise software companies are moving toward "headless" services designed for agents, not people, Cerebras' IPO was almost as big as its chips, and the latest enterprise moves.
