Saturday, May 16
Saturday, May 16
Your Phone Can Now Pilot Your Coding Sessions (and OpenAI's Superapp Is Official)
OpenAI just dropped Codex into the ChatGPT mobile app on iOS and Android, turning your phone into a remote control for coding sessions running on your Mac. Files, credentials, permissions — everything stays on the host machine. The phone is a secure relay, nothing more. Over 4 million people now use Codex weekly, and this Friday's rollout covers every plan including Free. Bigger picture: OpenAI confirmed that ChatGPT, Codex, and the Atlas browser are merging into one superapp. With Google I/O landing Monday, the calendar math speaks for itself.
Your Phone Can Now Pilot Your Coding Sessions (and OpenAI's Superapp Is Official)
OpenAI just dropped Codex into the ChatGPT mobile app on iOS and Android, turning your phone into a remote control for coding sessions running on your Mac. Files, credentials, permissions — everything stays on the host machine. The phone is a secure relay, nothing more. Over 4 million people now use Codex weekly, and this Friday's rollout covers every plan including Free. Bigger picture: OpenAI confirmed that ChatGPT, Codex, and the Atlas browser are merging into one superapp. With Google I/O landing Monday, the calendar math speaks for itself.
AI Product Buzz: Labs Ship, Users Push Back
Friday in AI land has a particular energy. The major labs are shipping at a pace that makes weekly roundups feel almost nostalgic. OpenAI's Codex crossed 4 million weekly active users, which puts it in roughly the same active-user territory Figma occupied when Adobe tried to buy it for $20 billion.
- Model version bumps now ship through CLI updates without so much as a blog post
- The OpenAI-Anthropic rivalry has entered its "matching features within weeks" phase, historically when things get interesting for users and painful for product teams
- Google I/O lands Monday, and the leak cycle is already groaning under its own weight
- AI products are quietly expanding into genuinely sensitive territory, faster than anyone's comfort zone can keep up
The vibe? Chaotic, fast, and increasingly personal between the big players. Buckle in.
Friday in AI land has a particular energy. The major labs are shipping at a pace that makes weekly roundups feel almost nostalgic. OpenAI's Codex crossed 4 million weekly active users, which puts it in roughly the same active-user territory Figma occupied when Adobe tried to buy it for $20 billion.
- Model version bumps now ship through CLI updates without so much as a blog post
- The OpenAI-Anthropic rivalry has entered its "matching features within weeks" phase, historically when things get interesting for users and painful for product teams
- Google I/O lands Monday, and the leak cycle is already groaning under its own weight
- AI products are quietly expanding into genuinely sensitive territory, faster than anyone's comfort zone can keep up
The vibe? Chaotic, fast, and increasingly personal between the big players. Buckle in.
Security Scares, Policy Moves, and Assorted Wild Cards
Two OpenAI employee devices were compromised in the Shai-Hulud supply chain attack, with limited credentials exfiltrated from internal repos. Worse: the attack source code leaked online, creating copycat risk. macOS users must update apps before old certificates are revoked June 12.
Google's own security team built a full zero-click exploit chain for Pixel 10. The VPU driver bug took two hours to find and five lines of code to exploit. AI features that decode media before you open messages expanded the attack surface. Patched in February.
Four chained critical vulnerabilities in OpenClaw, one of the fastest-growing open-source autonomous agent platforms, leave an estimated 245,000 installations exposed. The AI agent attack surface is growing at the same speed as adoption.
Pwn2Own Berlin kicked off today with zero-day exploits hitting browsers, operating systems, and AI platforms. The competitive hacking community is officially treating AI infrastructure as a prime target category. That shift happened fast.
The DOJ is demanding Apple, Google, and Amazon hand over identities, addresses, and purchase histories of 100,000+ users of EZ Lynk, a car-tinkering app allegedly used to bypass emissions controls. EZ Lynk's lawyers are calling Fourth Amendment foul.
Louisiana is offering Meta $3.3 billion in tax breaks for a $10 billion data center on 2,250 acres of former farmland. That sum could fund the state's entire police budget for seven years. The facility may consume 20% of Louisiana's total electricity.
AB 1921 passed the Assembly Appropriations Committee. If signed, developers would need to give 60 days' notice before server shutdowns, then release an offline mode or issue refunds. The ESA, representing Microsoft, Sony, and EA, is fighting it hard.
Tim Abbott announced the Zulip Foundation and his departure to join Anthropic. The Friday afternoon timing raised eyebrows. Zulip ran for years as a mission-driven for-profit with no VC funding. The foundation represents a real governance shift as its creator exits.
Favorite Featured Stories
MCP and A2A are becoming the communication layer for autonomous software. MCP assumes the thing on the other end is a to...
A peer-reviewed study of 3,500 workers found that AI collaboration improved output quality while cutting intrinsic motiv...
Researchers found tens of thousands of exposed OpenClaw agent instances and over a million compromised API tokens. The e...
Before an AI agent processes a single webpage, anti-bot systems have already judged it. The evaluation is about identity...
MCP and A2A are becoming the communication layer for autonomous software. MCP assumes the thing on the other end is a to...
A peer-reviewed study of 3,500 workers found that AI collaboration improved output quality while cutting intrinsic motiv...
Researchers found tens of thousands of exposed OpenClaw agent instances and over a million compromised API tokens. The e...
Before an AI agent processes a single webpage, anti-bot systems have already judged it. The evaluation is about identity...