■ TOP STORY

90-DAY PATCH WINDOW OBSOLETE AS AI ACCELERATES EXPLOITS

Security researcher Himanshu Anand argues that large language models have collapsed the timeline for finding and weaponizing vulnerabilities, making traditional 90-day disclosure policies untenable. Google's Threat Intelligence Group reported stopping a mass exploitation event tied to this acceleration.

► WHY IT MATTERS: Security teams must now assume critical bugs will be exploited within days, not months, forcing immediate patching cycles and upending decades of disclosure norms.

MERCOR RAISES $10B TO AUTOMATE PROFESSIONAL WORK

Mercor, a startup co-founded by twentysomethings with no prior job experience, has secured $10 billion in funding to develop AI that replicates most professional work across white-collar roles.

► The funding signals venture capital's conviction that AI agent automation will displace knowledge workers faster than historically anticipated.

OPENAI CODEX BECOMES AUTONOMOUS SCREEN-WATCHING AGENT

OpenAI has dramatically expanded its Codex developer tool to run autonomously on Mac systems, controlling the screen, generating images, remembering user preferences, and sustaining work on tasks for weeks. The upgrade directly competes with Anthropic's Claude Code.

► Always-on coding agents that operate independently represent a shift from assisted development to hands-off automation, raising questions about code review and security.

META QUEST PRICES SURGE ON APRIL 19 DUE TO CHIP COSTS

Meta Platforms is raising prices on Quest virtual reality headsets on April 19, citing rising memory chip costs as part of an industrywide pricing wave affecting hardware manufacturers.

► VR's path to mainstream adoption faces a cost barrier just as enterprise and consumer applications are accelerating, potentially slowing market growth.

GENERATIVE AI WEAPONIZES IDENTITY THEFT AT SCALE

A Bloomberg investigation reveals how generative AI and autonomous agents are automating identity theft across the U.S., from darknet social security number lookups to deepfake driver's licenses, turning fraud into an industrial operation.

► Consumer identity protection strategies are now obsolete against AI-driven attacks that operate at volumes humans cannot detect or prevent manually.