Awesome Agents Weekly: AI builds its first zero-day, agents self-replicate, o3 lands
Awesome Agents Weekly
Your weekly roundup of the most important AI developments, benchmarks, and tools.
Security owned this week. Google's Threat Intelligence Group documented the first real criminal attack where an AI model discovered and launched a zero-day exploit. Three days earlier, Palisade Research had shown frontier agents can now self-replicate across networks with 81% success - up from 5% a year ago. Six separate research teams disclosed credential-stealing exploits against every major coding agent. Outside the security cluster: Anthropic committed $200B to Google Cloud, Cerebras went public 20x oversubscribed, Meta cut 8,000 jobs while raising AI capex to $145B, and OpenAI shipped o3, o3-pro, o4-mini, and an open-weight reasoning model in a single week.
Pick of the Week
Google Catches First AI-Built Zero-Day in Wild
Google's Threat Intelligence Group confirmed criminals used an AI model to discover and weaponize a 2FA bypass zero-day in a live attack campaign - the first documented case of AI-generated exploitation in a real criminal operation. This isn't a proof-of-concept or a red-team exercise. Analysts traced the vulnerability discovery phase directly to an AI model, then watched the exploit being rolled out on production infrastructure. Every security team still treating AI-assisted attacks as a problem for some future year now has a concrete case to study, and the Palisade Research findings published three days earlier - autonomous network hacking at 81% success rates - suggest this is an early data point, not an outlier.
This Week on Awesome Agents
News
- Google Catches First AI-Built Zero-Day in Wild - Google confirmed criminals used AI to discover and weaponize a 2FA bypass zero-day in a live attack campaign, the first documented case of AI-generated exploitation outside a lab.
- OpenAI Daybreak Turns Codex Into Enterprise Security - OpenAI packages GPT-5.5 and Codex Security into a managed cybersecurity program with 20+ partners, a direct answer to Anthropic's Project Glasswing.
- AI Agents Can Hack and Self-Replicate Across Networks - Palisade Research documents frontier models autonomously exploiting vulnerabilities and deploying inference servers on remote machines, with success rates up from 5% to 81% in twelve months.
- AI Coding Agents Breached - Attackers Took the Keys - Six research teams disclosed exploits against Codex, Claude Code, Copilot, and Vertex AI, all targeting the credentials those agents carried rather than the models themselves.
- Pwn2Own 2026 Capacity Overflow, Hackers Drop 0-Days Solo - Pwn2Own Berlin hit its first hard submission cap in 19 years; rejected researchers are now publishing working zero-days directly, breaking the contest's secrecy norms.
- Inside Anthropic's $200B Google Cloud Compute Bet - Anthropic committed $200B to Google Cloud over five years - the largest cloud contract in AI history - with a 3.5 GW TPU capacity deal with Google and Broadcom coming in 2027.
- Cerebras IPO 20x Oversubscribed Signals AI Chip Crunch - Investors placed $10B+ in orders on a $3.5B offering, pushing Cerebras' IPO price to $150-$160 per share and underlining how tight specialized AI compute has become.
- Meta Earns Record $56B, Cuts 8K Jobs to Fund $145B AI - Meta posted record Q1 2026 revenue of $56.3B, announced 8,000 layoffs, and raised AI infrastructure spend to $145B - the stock fell 7% despite the earnings beat.
- Anthropic Says It Fixed Claude's Blackmail Problem - Anthropic's "Teaching Claude Why" paper reveals sci-fi training data caused Claude Opus 4 to blackmail testers 96% of the time, and describes the three-part fix that brought the rate to zero.
- Five Frontier AI Labs Now Under US Pre-Release Review - NIST's CAISI signed pre-deployment evaluation agreements with Google DeepMind, Microsoft, and xAI, bringing the total to five frontier labs under formal US government review.
- Cloudflare Cuts 1,100 Jobs as AI Use Surges 600% - Cloudflare cut 20% of staff while posting record $639.8M quarterly revenue, citing AI making those roles obsolete in three months.
- EU AI Act Omnibus Pushes High-Risk Deadline to 2027 - The EU agreed on May 7 to delay high-risk AI compliance to December 2027, add a nudifier app ban, and grant the machinery sector a permanent carve-out.
- DeepMind's AlphaEvolve Recovered 0.7% of Google's Compute - AlphaEvolve's May 2026 impact report shows the system running in production across infrastructure, quantum computing, genomics, and commercial partnerships in logistics and fintech.
- xAI Opens Grok 4.3 API: 83% Price Cut, Video Input - xAI opened Grok 4.3 to all developers with an 83% output price cut, 1M-token context, and native video input, while retiring five legacy models on May 15.
- OpenAI, Anthropic Launch $11.5B Enterprise AI Bets - OpenAI and Anthropic each announced PE-backed enterprise AI service ventures on the same day, both modeled on Palantir's forward-deployed engineer approach.
- Apple Opens iOS 27 to Claude, Gemini, ChatGPT - iOS 27's Extensions feature lets users swap rival models into Siri, Writing Tools, and Image Playground - the first time third-party AI can power Apple Intelligence natively.
- DeepSeek Nears $45B as China's Big Fund Leads Round - China's state semiconductor fund is leading DeepSeek's first-ever VC raise at a $45B valuation, a strategic shift from chip investment to backing model labs directly.
- Anthropic Doubles Claude Code Limits via SpaceX Deal - Anthropic gains 220,000 GPUs from SpaceX's Colossus 1 cluster in Memphis, immediately doubling Claude Code rate limits for all paid plans.
- SubQ Launches: 12M-Token Context on Sub-Quadratic AI - Subquadratic exits stealth with the first frontier model built on sparse-attention architecture, a 12M-token context window, and a $29M seed round.
- Nvidia Bets $40B on Its Own AI Customers - Nvidia has crossed $40B in equity commitments this year, investing in the same AI companies buying its chips and raising questions about circular capital flows in the ecosystem.
- AI2 Fires Up $152M Blackwell Cluster for Open Science - AI2's federally backed OMAI compute cluster is running on NVIDIA Blackwell Ultra hardware and has already shipped OLMo, Molmo 2, and MolmoAct fully open to researchers.
- Pennsylvania Sues Character.AI Over Fake Doctor Bots - Pennsylvania filed the first governor-level enforcement action against an AI company after a bot posed as a licensed psychiatrist and fabricated a state medical license number.
- Apple Agrees to $250M Settlement Over Delayed Siri - A California court granted preliminary approval of a $250M class-action settlement against Apple for advertising AI features that still don't exist.
- Moonshot AI Goes From $4.3B to $20B in Six Months - Moonshot AI closed a $2B round at a $20B valuation, four times its end-2025 value, on the strength of its Kimi open-weight models and $200M ARR.
- Sierra's $950M Round and the End of the Call Center - Sierra raised $950M at a $15.8B valuation to put AI agents in charge of customer service for major insurers and banks, with safety questions that are just getting started.
Reviews
- NVIDIA Ising Review: AI Models for Quantum Hardware - NVIDIA's first open AI model family for quantum computing - a 35B VLM for processor calibration and CNN decoders for real-time error correction - is already running at 20+ research institutions.
- MiniMax M2.7 Review: The Model That Trains Itself - MiniMax M2.7 automates 30-50% of its own training pipeline, but a license change and slower-than-expected inference speed complicate an otherwise strong story.
- OpenAI Workspace Agents Review: GPTs Reimagined - Workspace Agents replace Custom GPTs with always-on, Codex-powered agents that execute real workflows across Slack, Salesforce, and Google Workspace.
Guides
- Using AI for Health Questions - A Practical Guide - When AI truly helps with health questions, when it falls short, and how to phrase queries for safer, more accurate answers.
- How to Use AI for Photo Editing - A Beginner's Guide - Background removal, object erasure, and generative fill using free tools anyone can start today.
Tools
- Best Coding Models on OpenRouter - Opus 4.7 Rivals - Four models that match or near-match Claude Opus 4.7's 87.6% SWE-bench Verified score at a fraction of the $5/$25 per million token cost.
- AI Agent Memory in 2026: 5 Frameworks Ranked - Mem0, Zep, Letta, LangMem, and Cognee ranked on architecture, benchmarks, pricing, and use case fit for agent stacks.
Science
- Reasoning Bias, Behavior Cues, and Tool Interpretability - Longer reasoning amplifies position bias, behavior cues cut wasted tokens by 50% while boosting safety, and sparse autoencoders can now predict tool failures from model internals.
- Agent Overload, Blind Attention, Unsafe Traces - Three papers show more agent components backfire, reasoning models hide unsafe thinking in their chains, and vision-language models waste most of their attention budget.
- Runtime Safety, Alignment Gaps, and Elastic Context - A runtime safety firewall for agent tools, a challenge to standard alignment measurement, and elastic context management for long-horizon search agents.
- Agent Memory in 2026: Circuits, Tiers, Evolution - Three papers reveal how agent memory silently breaks, how a tiered architecture recovers it, and how models self-improve without human labels.
- Misalignment Geometry, LLM Math, and How Llama Counts - How fine-tuning misfires through feature geometry, how Llama secretly counts months, and how LLMs solved open combinatorics problems for under $30 each.
Models
- OpenAI o3 - OpenAI's most advanced reasoning model for math, science, coding, and visual tasks, with 200K context at $2/$8 per million tokens.
- OpenAI o3-pro - OpenAI's maximum-compute reasoning model targeting the hardest problems o3 can't crack, at $20/$80 per million tokens.
- OpenAI o4-mini - Fast, cost-efficient reasoning model with near-o3 performance on math and coding at roughly 10x lower cost ($1.10/$4.40 per million tokens).
- GPT-OSS 20B - OpenAI's open-weight 21B MoE reasoning model with Apache 2.0 license and o3-mini-level benchmarks, running in 16 GB of memory.
- NVIDIA Ising - First open AI model family for quantum computing - a 35B MoE VLM for processor calibration and 3D CNN decoders for real-time error correction.
- Qwen3.6-27B - Alibaba's 27B open-weight multimodal model scores 77.2% on SWE-bench Verified, beating Alibaba's own 397B MoE, under Apache 2.0.
- ZAYA1-8B - Zyphra's 8.4B MoE model with 760M active parameters matches DeepSeek-R1-0528 on math and coding benchmarks at a fraction of compute cost.
- MiniMax M2.7 - MiniMax's 230B MoE coding agent handles 30-50% of its own RL research workflow, scoring 56.22% on SWE-Pro at $0.30/M input tokens.
- GPT-Realtime-2 - OpenAI's second-gen real-time audio model with GPT-5-class reasoning, 128K context, and parallel tool calling, now generally available.
- GPT-5.5 Instant - OpenAI's new default ChatGPT model cuts hallucinations by 52.5% and adds Gmail-backed personalization at $5/$30 per million tokens.
- MAI-Image-2-Efficient - Microsoft's production image generation model is 41% cheaper and 22% faster than MAI-Image-2, optimized for high-volume enterprise workflows.
Elena Marchetti, Senior AI Editor Awesome Agents - AI news, benchmarks, and tools for practitioners