📘 Unsupervised Learning NO. 507

Hey! Hope you all are doing well!

I'm happy being back home with no major travel planned until next year. Woohoo! More time to work on Kai and Neovim configs! And ship, of course.

—

One of the most idea-rich newsletters I've done in a while. I need to get better at putting these out on Monday morning and not working on them endlessly through Monday and Tuesday. They just get so exciting as I dig into all the ideas!

—

Enjoying this book. Just came out in reprint.

—

🛡️ Major analysis on the Anthropic Report. See the first story in Cybersecurity below.

—

🤯 Working on a huge idea for Karpathy’s Software 2.0 idea and merging it into Kai at a DNA level. Also spawned by a recent in-person hangout with my buddy Clint Gibler, which was phenomenal. TEASE: Verifiability All The Things.

—

Submitted a bug to Anthropic in Claude Code couple weeks ago and it just got fixed tonight by the Anthropic team!

—

My buddy at OpenAI is hiring offensive security engineers to red team their AI agents My buddy is an absolute star, and I've heard nothing but good things about the team. If this is you, you should check this out. OPENAI JOB POSTING

Super excited to be consolidating and upgrading a lot of my business workflows before heading into 2026. I have a new Head of Operations who is extraordinary, and we are consolidating on a single tool (reply to this email and ask for the name if you’re curious) for both project management and chat.

I also find it funny that the tool just implemented Slack as a minor feature within the platform. Like I literally have no feature inside of this platform’s chat that I don't have in Slack. But the opposite is definitely true. Honestly happy to see it because I feel like Slack has treated people badly just because they could.

—

Massive upgrade to my voice system for Kai. Now I'm using the upgraded API endpoint for Eleven Labs. So all of my different agents, including Kai and all the sub-agents, are using parsody markers for their voices, which is basically a markdown system for indicating emotion.

—

I'm not sure what's happened in the last couple of months, but it appears that X has largely made a return as the main place for conversation online—at least within tech, security, and definitely within AI. I am now recommending to friends that left—many of which for good reasons—consider coming back. If you really look at them, any platform that you participate in is going to have people and ideas associated with it that you deeply dislike. And at some point, it's no longer a net win trade-off for you, or anyone else, to exclude yourself from conversation and activity because of that. I personally have noticed the negativity and hate stuff drop off significantly in the last few months, and there are signs that that is going to improve. This combined with my liberal use of filters and muting, and the fact that the alternative have largely self-immolated, have brought me to this conclusion. Just consider it.

I upgraded my dictation microphone to the updated version of my Sennheiser boom mic, the MHK 8060, particularly for use with Wispr Flow. No, they are not a sponsor, but if they are listening, they should hit me up so they can be. :)

I was previously using a high-end dedicated Shure mic for this, but those are Condenser mics, which are designed to be really clean, but generally aren't as sensitive. The Sennheiser boom mics are extremely sensitive, and the whole game with dictation is I just want to sort of talk and speak naturally as if I'm talking to a colleague, and since I'm doing huge dictation numbers I don't want to have to yell or make a lot of corrections. The 8060 is overkill because it's a professional mic, but if you get any dynamic mic, including like a Yeti, it's going to be way better than dynamic mics for this particular use case. The thing with a Yeti is you would need it to be on an arm or right in front of you somehow, close to your mouth so you can talk quietly. That's why I like the boom option so it’s kind of out of the way normally.

Anyway, if you’re doing a lot of AI, especially using dictation, I highly recommend you switch to a dynamic microphone. Ideally, a boom mic that is pointed towards you for doing AI dictation. And if you're doing a lot of AI while typing, I recommend you switch to dictation. :)

—

Massive updates to the Personal AI Infrastructure Project.

THE UPDATED PAI REPO

🔥 Biggest story for me last week was the the Anthropic report on Automated Cybersecurity Attacks. The short version of this is that Anthropic found another automated hacking campaign using their platform, and they wrote a full report on it.

Main Takeaways

My Analysis

We've been saying here for a long time that the future of cybersecurity is attacker automation systems against offender automation systems. And now we're seeing that actually come true

To me, this also scores as a win for scaffolding over model because it seems that the main way that it worked was breaking things into those discrete pieces as part of an orchestration system

The only reason that we have any visibility into this thing at all is because they aren't using custom models. What happens when China itself has models that attackers can use that are as good or better than this current generation?

Perhaps the scariest thing to me is that the open-source models or the proprietary models used by China only have to get a certain level of quality before the scaffolding itself—which can be shared as a series of skills or as a complete automation system on GitHub or something—can be distributed to all attackers within their ecosystem and used in attacks at scale. (AI will not force me to stop using em-dashes)

For the last few months, I've actually started to be concerned about cybersecurity for the first time in a while. Like I've always known that the attacks will continue to evolve, they'll continue to outsmart the defender, and the defender will then evolve. So it will continue to be a Red Queen game.

I'm starting to get really concerned that defenders will be too far behind on this maturity model that I just put together for my recent talk at AppSec USA.

This gap between defenders and attackers on this maturity model is really concerning to me. Based on what I'm seeing and hearing from the field, I’m worried attackers are much further along at implementing Level 2, and some are already moving towards Level 3, while most defenders are still at level one and just starting to think about level 2.

And I'm not just talking about start-ups or average companies or large enterprises. I'm also talking about the US, versus China, Russia, North Korea, or whoever. And to some degree even of much smaller actors who are just really advanced orchestration at level 2 - 4.

My concern is that I've been in too many hundreds of companies at this point helping them with security. And I've never seen anyone who can radically shift their defensive posture to account for a new threat this quickly.

Whether you're a business competing against competitors or a company defending against attackers, the only way to beat a system like this is to have a system like this.

And your system needs to be better. It needs a better design, needs to be faster, needs better orchestration, needs more context, needs more real-time data, etc. It's like the cat-and-mouse game that we've all been talking about for decades is now a lot more concrete, and it's personified as an AI orchestration system.

Attackers have the tremendous advantage of being able to YOLO this kind of thing. They can launch 10 of them and see which one works. And if it doesn’t work and kind of breaks everything, they just delete and start over. They don't have as much SRE to worry about and 5 nines to maintain and 37 different approvals before they can even start the program.

Defenders really are in a bad spot here, and this is the one tech fight we cannot lose.

THE ANTHROPIC BLOG POST | FULL REPORT PDF | BUILDING AI CYBER DEFENDERS

—

Logitech got hit by a zero-day exploit that leaked 1.8 terabytes of data The Clop ransomware gang used an Oracle vulnerability to sweep internal data, though Logitech says no sensitive customer info was compromised. SEC FILING | LOGITECH DISCLOSURE | BLEEPINGCOMPUTER REPORT

Azure hit by 15 Tbps DDoS from 500k compromised home devices BLEEPINGCOMPUTER ARTICLE

Google launches Private AI Compute, its version of Apple's privacy tech Google's Private AI Compute uses hardware enclaves so Gemini processes your data in the cloud without Google being able to access it—sounds a lot like Apple's setup. GOOGLE ANNOUNCEMENT | APPLE PRIVATE CLOUD COMPUTE | JOHN GRUBER'S TAKE

Attackers now weaponize half of all CVEs within 48 hours using AI Gene Moody at Action1 says defenders can't win at human speed—automation isn't optional anymore, it's the only way to close the gap. Completely agree. This is what we've been saying here for a couple of years. Similar to what we talked about in the first story. ACTION1 HOMEPAGE | ACTION1 PATCH MANAGEMENT | CISA KEV CATALOG

China says the US hacked and stole $13 billion in Bitcoin TOM'S HARDWARE ARTICLE

China threatens Japan with military patrols and tourist warnings after Taiwan defense comments After Japan's new PM Sanae Takaichi said she'd defend Taiwan militarily, Beijing sent warships to disputed waters and told Chinese tourists to avoid Japan entirely. OODALOOP ARTICLE

Poland says two Ukrainians working for Russian intelligence sabotaged railway then fled to Belarus Polish PM Donald Tusk told parliament that investigators identified the suspects behind the rail explosion he called unprecedented sabotage. POLISH RAILWAY EXPLOSION REPORT | ORIGINAL SABOTAGE STORY

America and China are neck and neck in military drone capabilities A head-to-head comparison shows both superpowers have roughly equivalent unmanned aircraft arsenals. WSJ DRONE COMPARISON

Germany bans Huawei from future 6G infrastructure BLOOMBERG ARTICLE

Japan scrambled jets after spotting Chinese drone near Taiwan. OODALOOP ARTICLE

Europe plans a drone wall against Russian incursions but experts say it won't be foolproof Security correspondent Frank Gardner reports that after Russian drones flew into Poland, Europe wants a multi-layered defense system by 2027—but the tech will never be watertight. BBC INDEPTH ARTICLE

China says the US hacked and stole $13 billion in Bitcoin TOM'S HARDWARE ARTICLE

Amazon launches bug bounty for NOVA AI models AMAZON ANNOUNCEMENT

Google released Gemini 3, and the metrics indicate that it's a major jump But the real test will come from people actually using it in the field. I'm going to be incorporating it in my Kai system, of course, but I do it through skills and specific calls to the Gemini command line. some of these jumps over previous models are extraordinary, especially Humanity's last exam.

We got GPT-5-1 at 26% and 3Pro at 45%. From 17% in Arc AGI-2 to 31%. Look at Math Arena Apex. That one is ridiculous. GPT-5-1: 1% to 23%. I thought this vending bench 2 metric was really cool. This is basically an actual vending machine business that's being run autonomously by AI. GPT-51 made $1,400 in profit, and Gemini 3 Pro made $4,600 in profit.

facts Benchmark Suite from 50% to 70%. Simple QA verified 34% to 72%. Really impressive numbers. I just can't wait to see how this plays out in real-world scenarios.

Meanwhile, Pachai says no company will survive an AI bubble burst unscathed Sundar Pichai admits there's "irrationality" in the AI boom and warns every company—including Google—would feel the impact if it pops. BBC INTERVIEW WITH SUNDAR PICHAI

Fei-Fei Li and Yann LeCun both think world models beat transformers They're betting AI needs internal physics simulators that predict how reality works, not just next-token prediction at scale. ENTROPYTOWN ARTICLE | HN DISCUSSION

Nvidia's selling complete AI server trays now instead of just GPUs TOM'S HARDWARE ARTICLE

Fei-Fei Li's World Labs launches Marble, the first commercially available world model World Labs beats competitors like Decart and Odyssey by launching Marble, which generates persistent, editable 3D environments instead of morphing real-time worlds you can't keep. MARBLE | WORLD LABS BLOG | FEI-FEI LI MANIFESTO

Google launches Gemini 3 with new coding app and record benchmark scores Google's Gemini 3 just crushed GPT-5 Pro on the Humanity's Last Exam benchmark, scoring 37.4 versus 31.64, and they're shipping it with a new agentic IDE called Antigravity. GEMINI 3 ANNOUNCEMENT | GOOGLE ANTIGRAVITY BLOG | HUMANITY'S LAST EXAM LEADERBOARD | GEMINI 2.5 RELEASE

THE IDE: Antigravity, an agent-first IDE that manages multiple AI coders at once Google's new VS Clone, Antigravity, has a "Manager view" that lets you orchestrate multiple AI agents in parallel, plus it creates Artifacts—task lists and browser recordings—so you can verify what it's actually doing. THE VERGE ARTICLE | GEMINI 3 PRO ANNOUNCEMENT

Nvidia and Microsoft are pumping $15 billion into Anthropic in exchange for a $30 billion Azure commitment Anthropic's getting massive funding but has to spend double that on Microsoft's cloud, which is basically a clever way to lock in a huge customer.

Cloudflare's bot defense crashed and took the internet down CLOUDFLARE OUTAGE COVERAGE

The outage broke X, ChatGPT, and even McDonald's kiosks. I wonder if we should value stocks based on how much of the internet net goes down when they have an outage. Isn't that the real test of market share? TOM'S HARDWARE LIVE COVERAGE

Venture funds now living to 20 years old as billions sit trapped in overvalued startups I was just talking about this a couple of months ago. LPs are confronting a liquidity crisis where funds last 18-20 years instead of 13, with secondaries becoming essential infrastructure and valuations showing 90% discounts. TECHCRUNCH ARTICLE

I can build enterprise software but I can't charge for it EchenD nails the painful irony—technical skills don't automatically translate to monetization skills, and nobody teaches engineers how to actually sell. ECHEN'S ESSAY | HN DISCUSSION

Peter Thiel sold his entire Nvidia stake Nvidia's earnings are tomorrow, by the way. TECH IN ASIA ARTICLE

Waymo launches highway robotaxis in three US cities WAYMO HIGHWAY EXPANSION

Tesla is finally adding CarPlay support after years of Musk saying no BLOOMBERG ARTICLE

Apple lets you create a digital ID from your passport for TSA checkpoints You can now scan your passport and get a wallet ID that works at 250+ airports, no driver's license needed. APPLE NEWSROOM | APPLE WALLET INFO | NY TIMES OVERVIEW

Kosmos autonomously reads 1500 papers and runs 42k lines of code to make real scientific discoveries This is an example of one of the things I'm most excited in terms of practical outputs from AI. Edison Scientific launches Kosmos, an AI scientist that beta users say does 6 months of research work in one day—it's already made seven discoveries including finding a potential Alzheimer's mechanism.

I am in Camp Scaffolding. That means I believe that a major part of intelligence—and perhaps the most important part—is getting the right content into whatever intelligence that you have at the right time. I see medical progress the same way. In addition to needing a really good world model. I think we have done tons of research that is not being harvested for facts and truths that can be woven into a larger understanding. if somebody did research that says so and so type of cell responds in such and such way to exposure to this particular type of molecule, that is the type of information that needs to be combined with many other granular pieces of information to produce something useful.

We're talking about a giant game of connect the dots, and a lot of science is like that. another way to say that, that I talk about in the military or cybersecurity context is that context reduces required expertise.

If you were looking at a giant map of exactly how the entire body works, and a giant map of how molecules affect how the body works, you would be having a completely different conversation about cause and effect, and therefore which medicines to build and why. This is what excites me about AI, in particular, and in particular, this type of approach to AI where we are doing mass collection and weaving multiple observations into what David Deutsch talks about as explanations.

Incredibly exciting.

KOSMOS TECHNICAL REPORT | EDISON SCIENTIFIC PLATFORM | EDISON SCIENTIFIC ANNOUNCEMENT

Most people can't tell AI music from human recordings in new survey A poll found 97% of people couldn't distinguish between AI-generated and human-made music clips when listening to them. THE HILL ARTICLE

This flu season looks rough early as mutated H3N2 emerges already ARSTECHNICA ARTICLE

US House votes nearly unanimously to force release of all Epstein files After the President reversed his initial opposition, the House passed the Epstein Files Transparency Act with only one dissenting vote, requiring the Justice Department to release all documents. DW ARTICLE | TRUMP AND EPSTEIN EXPLAINER | TRUMP CALLS FOR RELEASE

Sperm whales communicate using vowel-like clicks ECONOMIST ARTICLE

Chernobyl fungus evolved to eat radiation like plants eat light UNILAD ARTICLE

Bavaria's premier wants Germany to bring back nuclear power Bavarian Premier Markus Söder is pushing for a nuclear energy comeback in Germany after the country shut down its last reactors. GERMANY NEWS LIVE BLOG

Humiliation is unbelievably powerful
I'm not saying this is a perfectly accurate frame, but one way to view the world right now is China is scrambling up the ladder in plotting world domination because of the 100 Years Humiliation. And the current US President is in office because Obama publicly humiliated him at an elite dinner. Humiliation creates drive like nothing else I can think of, and it's usually not the good kind.

Galaxy brain resistance is about how easily you can twist an argument to justify anything Brilliant essay here. Vitalik argues that good reasoning should be hard to abuse—inevitabilism, longtermism, and power maximization all let you rationalize whatever you already wanted, making them worthless as actual arguments. VITALIK'S ESSAY

A must-read on the big jump of AI from Software 2.0 → Software 3.0. This is one of Karpathy's ideas that gets way too little exposure.

Think in Math. Write in Code. Math (unlike programming) lets you reason about logic freely without committing to data structures, abstractions, or implementation details that constrain how you think. THINK IN MATH ARTICLE | JUSTIN MEINERS

Creative work effort scales superlinearly because high-quality peaks have tiny acceptance volumes Markus Strasser argues making stuff good is fractal search—once you zoom in, the parameter space that doesn't make it worse collapses hard. CREATIVE WORK LANDSCAPES | MARKUS ON TWITTER

MCP Shark lets you monitor and debug Model Context Protocol traffic It's basically Wireshark for MCP connections, so you can see what's actually flowing between AI apps and servers in real-time. MCP SHARK GITHUB | HN DISCUSSION

AI World Clocks generates a new clock every minute using nine AI models AI WORLD CLOCKS

Overheard: “Overconfidence is the new zero-day.”

Strace-macos brings system call tracing to macOS without disabling SIP STRACE-MACOS REPO

You misunderstand what it means to be poor Being poor isn't just being broke—it's when your entire support system is also poor, so there's no safety net anywhere. CTMS BLOG POST | HN DISCUSSION

Agfs turns everything into files, making remote resources feel local This is a Plan9-inspired filesystem where APIs, databases, and remote services all show up as files you can just cat and echo to. AGFS GITHUB | HN DISCUSSION

Do Not Put Your Site Behind Cloudflare if You Don't Need To RIK'S BLOG POST

A curated GitHub repo collecting every major 2025 security report in one place Jacob Wilson's awesome-annual-security-reports repo compiles all the annual threat intelligence and security reports from vendors, so you don't have to hunt them down individually. Definitely making this part of my workflow going forward. GITHUB REPO

Sustained attention makes anything loop on itself into altered states HENRIK KARLSSON'S ARTICLE

Cloudflare Zero Trust tunnels finally explained in a way that makes sense David breaks down tunnels, routes, and targets—turns out you can expose private networks publicly or build fully virtual private IPs that only exist in Zero Trust. DAVID'S CLOUDFLARE GUIDE | DAVID ON X | DAVID ON BLUESKY

Only three kinds of AI products work SEAN GOEDECKE ARTICLE

Giving up unattainable goals makes you healthier and happier Not sure how I feel about this one. THE SURPRISING BENEFITS OF GIVING UP

Whenever there is a major new trend in society or a big news event, attackers will use that for scams.

Right now, that thing is job loss in the tech sector, especially, and fake recruiters on LinkedIn send meeting invites that lead to sites pushing malicious "updates" that are actually remote access tools attackers can use for ransomware.

So if you or people you care about are looking for jobs, you need to warn them that scammers are moving in that direction very quickly. You have to be very careful what links you're clicking on and what you're giving information to.

Job scam reports jumped 19% targeting desperate workers MORNING BREW STORY | MALWAREBYTES ARTICLE