Research Ecosystem: Morning Brief

Two-week window across 71 tracked feeds, scored against active research threads. Metadata only: titles, links, dates. Read the source for substance. (what we track, how we crawl, subscribe)

Schneier publishes on self-propagating AI worms the same week OpenAI ships Lockdown Mode for prompt injection defense and TechCrunch reports the NSA is readying Anthropic's Mythos for cyber operations. Meanwhile the token bill is coming due across the industry, Netlify's CTO declares writing code is no longer the job, and UC Berkeley CS grades collapse as students lean on AI. Anthropic mapped a year of AI-enabled cyber threats against MITRE ATT&CK, and clj.rs brings a Clojure implementation to Rust.

Top (5-7 min)

AI Worm: Schneier on Security, 2026-06-05. Self-propagating AI attacks as a class. Not hypothetical anymore — the agent-security thread moves from prompt injection to autonomous propagation.
OpenAI unveils Lockdown Mode: TechCrunch, 2026-06-06. Enterprise defense against prompt injection. The first major vendor to ship an explicit mode toggle for it — sets the framing for what "secure by default" means in agent deployment.
NSA readying Anthropic's Mythos for cyber operations: TechCrunch, 2026-06-05. Government adoption of frontier models for offensive cyber. The governance question Anthropic's S-1 filing will have to address publicly.
The token bill comes due: TechCrunch, 2026-06-05. The cost reckoning. Connects to Google paying SpaceX $920M/month for compute and Cloudflare shipping AI Gateway spend limits in the same week.
Netlify CTO: Writing code is no longer the job: Hacker News, 2026-06-07. The role-shift thesis stated plainly by a platform CTO. Lands alongside Berkeley's failing CS grades as AI usage soars in coursework.

Themes this week

AI security: from injection to propagation: Schneier's AI Worm frames self-propagating attacks as a class, OpenAI ships Lockdown Mode, Schneier also covers hacking Meta's AI chatbot, and Anthropic published a year-long mapping of AI-enabled cyber threats against MITRE ATT&CK. The attack surface taxonomy is maturing: social engineering, prompt injection, autonomous propagation, supply-chain poisoning. TechCrunch rounds up the worst breaches of 2026 and Google/FBI warn of ransomware groups sending fake IT workers in person.
Government-AI entanglement deepens: the NSA readies Anthropic Mythos for cyber ops, Trump admin may take equity in OpenAI, Sriram Krishnan leaves the White House AI advisor role, and Slashdot notes Trump, Sanders, and Altman are all talking about public ownership in AI. EFF testifies to Congress on protecting rights from government AI. Reid Hoffman leaves Microsoft's board for Manus.
The cost reckoning: the token bill comes due while Google will pay SpaceX $920M/month for compute, AirTrunk commits $30B to 5GW of data centers in India, Cloudflare ships AI Gateway spend limits, and Supabase doubles to $10B valuation in 8 months. The capital structure beneath the agent ecosystem is repricing in real time.

Scan (15 min)

Agents and harnesses
- Netlify CTO: Writing code is no longer the job, Hacker News, 06-07
- LLMs are eroding my SE career, Hacker News, 06-07
- Lathe: Use LLMs to learn a domain, not skip past it, Hacker News, 06-07
- Tokenomics: Where Tokens Are Used in Agentic SE, Hacker News, 06-07
- Designing the hf CLI as an agent-optimized interface, Hugging Face, 06-04
- Design Mode Improvements, Cursor, 06-05
- Canvas Design Mode and Context Usage Report, Cursor, 06-04
- Claude Code v2.1.168, Claude Code releases, 06-06
- The skills.sh API is now available, Vercel, 06-05
AI labs and models
- Dreaming: Better memory for ChatGPT, OpenAI, 06-04
- Biodefense in the Intelligence Age, OpenAI, 06-04
- Anthropic Services Track and Partner Hub, Anthropic, 06-03
- Expanding Project Glasswing, Anthropic, 06-02
- Gemini Enterprise: Agentic RAG, Google Research, 06-05
- Nemotron 3.5 Content Safety, Hugging Face, 06-04
- EVA-Bench Data 2.0: 3 Domains, 121 Tools, 213 Scenarios, Hugging Face, 06-04
- Reve 2 and Ideogram 4: Layouts in Imagegen, Latent Space, 06-04
- Reality: The Final Eval — Andon Labs, Latent Space, 06-04
Corp engineering and infrastructure
- Google pays SpaceX $920M/month for compute, TechCrunch, 06-05
- AI Gateway spend limits, Cloudflare, 06-05
- VoidZero is joining Cloudflare, Cloudflare, 06-04
- Supabase Series F, Supabase, 06-04
- Multigres v0.1 Alpha: an operating system for Postgres, Supabase, 06-04
- How ClickHouse became fast at joins, ClickHouse, 06-04
- 3x Faster Search: Instructed-Retriever-1, Databricks, 06-04
- Speculative KV coding: losslessly compressing KV cache ~4x, Hacker News, 06-04
- Kyushu: self-hostable WASM sandbox for JS workers, Hacker News, 06-07
Eval, safety, governance
- AI Worm, Schneier, 06-05
- Hacking Meta's AI Chatbot, Schneier, 06-04
- What we learned mapping AI-enabled cyber threats (MITRE ATT&CK), Anthropic, 06-03
- Computational cognitive neuroscience perspective on alignment, Alignment Forum, 06-05
- ARC White-Box Estimation Challenge, Alignment Forum, 06-02
- How to Stop Shipping Low-Quality RL Environments, Latent Space, 06-05
- Arithmetic Without Numbers: How LLMs Do Math, Hacker News, 06-05
Surveillance and critique
- ICE's Plan: Cops Scan Faces to Verify Immigration Status, 404 Media, 06-05
- Google Employees Share Memes About How Its AI Sucks, 404 Media, 06-04
- Lawsuit Over Palantir's ELITE, 404 Media, 06-04
- Nadella "Not Sure" Who Said Microsoft Wanted Addictive AI, 404 Media, 06-04
- Move Fast, Surveil Things, EFF, 06-04
- Internet Age-Gates Are a Growing Global Threat, EFF, 06-05
- Delusion as a service, Pluralistic, 06-04
- Refining humanity, Pluralistic, 06-05
Systems, BSD, kernel
- Moving beyond fork() + exec(), LWN, 06-05
- Splicing out vmsplice(), LWN, 06-04
- Dave Airlie on Linux Kernel Maintenance, LWN, 06-04
- Ruby's Bundler adds a cooldown feature, LWN, 06-05
- BSD Now 666: Everyone gets an LPE, BSD Now, 06-04
- Podman 6: machine usability improvements, Hacker News, 06-07
Aviation
- Boeing CEO confirms studying 737 rate to 70/month, The Air Current, 06-05
- Boeing explores 737 rate increase near Airbus's target, The Air Current, 06-04
- Boeing gains FAA approval for 777-9 certification step, Leeham, 06-07
- Airbus Next New Airplane Part 4: ZEROe, Leeham, 06-04
Clojure and Scheme
- clj.rs: Clojure implemented on Rust, Planet Clojure, 06-07
- Scaffold BigConfig Packages with Claude Code Skills, Planet Clojure, 06-07
- Configuring Clojure Apps, Planet Clojure, 06-04
- Configure Calva Result Display, Planet Clojure, 06-06
Developer tools and languages
- Running Python in a sandbox with MicroPython and WASM, Simon Willison, 06-06
- AI enthusiasts race against time, skeptics against entropy, Simon Willison, 06-04
- Symbolica 2.0: Programmable Symbols for Python and Rust, Hacker News, 06-05
- Yon: a topos-oriented language with content-addressed lattice heap, Hacker News, 06-05
- Warren's Abstract Machine: A Tutorial Reconstruction, Hacker News, 06-05
- IOCCC 2025 Winners, Hacker News, 06-07
- ntsc-rs: open-source analog TV and VHS artifact emulation, Hacker News, 06-06

Tail

OpenAI Help: Lockdown Mode, Simon Willison, 06-05
Quoting Andreas Kling, Simon Willison, 06-05
WWDC 2026: Siri revamp and Apple Intelligence updates, TechCrunch, 06-06
Whistleblower accuses IBM of covering up data breaches, TechCrunch, 06-05
Biohub releases a world model of protein biology, Hacker News, 06-04
The OnlyFans Economy of American AI, Hacker News, 06-07
Scientists Discover Hidden Symmetry on Earth, 404 Media, 06-06

Feed silences (diagnostic)

arxiv-cs-ai: 2587 items in the 14-day window, fully live.
anthropic-generated: 3 new items since last brief (Partner Hub, MITRE ATT&CK mapping, Project Glasswing). First-party RSS still 404.
claude-code-releases: v2.1.163 through v2.1.168 (6 releases in 3 days).
bitsavers (6 feeds): all connected, 0 items (sparse output).
James Bornholt, Netflix Tech Blog: errors persist (DNS / TLS).

Build provenance

build: 2026-06-07 | crawler-sha: ccf2e09 (Walsh-Research/1.2, compliance v1.3) | feeds: 71 core | items-considered: 3664 (14d, incl. 2587 arXiv) | warehouse: 11380 items | published: 75 | note: Schneier AI Worm; OpenAI Lockdown Mode; NSA Mythos; token bill; Netlify code-is-not-the-job; Anthropic MITRE ATT&CK; clj.rs Clojure-on-Rust; fork+exec LWN