Anthropic grew 80× while agents learn on their own

Anthropic's 80× Q1 Growth; "Dreaming" and "Outcomes" Ship

• Dario Amodei disclosed at the Code with Claude conference that Anthropic achieved 80× annualized revenue growth in Q1 2026 — far exceeding the projected 10× — with API volume up 70× YoY; Claude Code users now average 20 hours/week of tool use.
• Anthropic signed a compute deal with SpaceX for all 300MW of Colossus 1 (220,000+ NVIDIA GPUs) and is doubling Claude Code's five-hour rate limits across Pro/Max/Team/Enterprise, removing peak-hour reductions.
• A new "Dreaming" feature (research preview) lets agents autonomously create plain-text notes and structured playbooks from past sessions — no weight changes, fully auditable; Harvey AI reported a 6× task completion rate increase using it.
• "Outcomes" (public beta) deploys a separate grader agent evaluating working-agent output against developer-defined success rubrics and iterating without human intervention; Wisedocs cut document review time 50%; Multi-Agent Orchestration entered public beta simultaneously — Netflix is processing logs from hundreds of builds at once.
• Anthropic is in new funding talks at a $900B valuation; Musk — who testified against OpenAI days earlier in Oakland — publicly reversed his stance: "No one set off my evil detector." The White House and Pentagon remain actively at odds over the Trump blacklist, with Trump calling a deal "possible" while Defense Secretary Hegseth holds the ban. (Previously: Anthropic sued the Trump administration over the supply chain risk designation.)

---

OpenAI Formalizes Enterprise: DeployCo Launches, Daybreak Challenges Glasswing, Codex Gets Chrome

• OpenAI formally launched the Deployment Company — a standalone enterprise business backed by TPG, Bain Capital, Goldman Sachs, SoftBank, McKinsey, Capgemini, and 13 other partners — acquiring Tomoro (~150 Forward Deployed Engineers) who embed inside client organizations to redesign workflows around GPT-5.5 and Codex. (Previously: the leaked CRO memo named DeployCo as a strategic pillar — it now has a legal entity and balance sheet.)
• OpenAI announced Daybreak, a three-tier enterprise cybersecurity platform integrating GPT-5.5 with Cisco, CrowdStrike, Palo Alto Networks, Cloudflare, Fortinet, Zscaler, Okta, and Snyk; the most restricted tier — GPT-5.5-Cyber for red teaming and pen testing — directly challenges Anthropic's Mythos/Glasswing.
• Codex can now directly control Chrome on macOS and Windows as of May 8–12, filling the frontend web UI gap Sam Altman acknowledged last week and replacing screenshot-based computer use for browser-native tasks.
• OpenAI published a Codex security deployment guide covering managed network policies, per-command approval tiers, OS keyring credential storage, and agent-native OpenTelemetry logs enabling AI-powered triage to distinguish expected agent behavior from genuine security incidents.

---

Microsoft's 100-Agent Harness Tops CyberGym; Semantic Kernel Gets Two Critical Patches

• Microsoft unveiled MDASH — a 100+ specialized AI agent pipeline that found 16 new Windows vulnerabilities including 4 critical RCEs in the kernel TCP/IP stack and IKEv2 service — scoring 88.45% on CyberGym to lead the public leaderboard; 100% recall on planted vulnerabilities in tcpip.sys with zero false positives.
• Microsoft's stated architectural principle: "the durable advantage lies in the agentic system around the model" rather than any single model — MDASH is currently used by Microsoft security teams with private preview available.
• Microsoft simultaneously disclosed two critical CVEs in its own Semantic Kernel framework: CVE-2026-26030 (Python SDK ≤1.39.3) enables host-level RCE via prompt injection through an unsanitized eval() call — fix: upgrade to 1.39.4+; CVE-2026-25592 (.NET SDK ≤1.70.x) allows sandbox escape and arbitrary file write to the Windows Startup folder — fix: upgrade to 1.71.0+.
• Microsoft's accompanying warning: "AI models are not security boundaries" — any tool parameter influenced by model output must be treated as attacker-controlled input regardless of model or framework.

---

AWS Gives Agents Payment Accounts; Google Pre-Loads I/O with Android Agents

• Amazon Bedrock AgentCore Payments (preview) — built with Coinbase and Stripe — lets AI agents autonomously pay for APIs, MCP servers, web content, and other agents without custom billing or credential management.
• Amazon WorkSpaces for AI agents (preview) lets agents access and operate desktop applications inside managed WorkSpaces; AWS MCP Server went GA as a managed authenticated endpoint for all AWS services, per the same announcement.
• AWS Kiro added "Requirements Analysis" — combining LLMs with an SMT solver for mathematical verification of requirements before any code is generated — cutting implementation time by up to 75% and directly targeting AI slop from ambiguous specs.
• Google's Android Show: I/O Edition (May 12) previewed Googlebooks (AI-native laptops from five OEMs, launching fall 2026), Gemini executing cross-app multi-step tasks from natural language on Android, and "Create My Widget" — vibe-coded custom widgets described in natural language, launching first on Galaxy and Pixel; full I/O follows May 19 with Gemini 4 expected.
• Google published a long-running ADK agents tutorial using durable state machines, SQLite/Cloud SQL session persistence, and event-driven webhooks — so enterprise agents sleep during human approval pauses and resume without losing context — deployable to Agent Runtime with scale-to-zero.

---

Red Hat AgentOps, UiPath Orchestration, and the Self-Hosted Coding Race

• At Red Hat Summit, AgentOps shipped with cryptographic agent identity (SPIFFE IDs), behavioral anomaly detection flagging suspicious actions that technically succeed (e.g., PII exfiltration attempts that trigger secret-dumping), and an AI gateway routing requests to the optimal model; NVIDIA's open-source OpenShell provides the underlying sandbox runtime with credential gateways outside each agent process — ServiceNow's Project Arc and the new NOWAI-Bench open enterprise benchmarking suite both run on OpenShell.
• Red Hat Desktop went GA on May 12 — commercial Podman Desktop support with isolated AI agent sandboxing built on SLSA Level 3, SBOM-backed Hardened Images; Fedora Hummingbird Linux ships alongside as a rolling-release OS continuously built by an agentic software factory with zero-CVE-at-release targets.
• UiPath launched native integrations for Claude Code and Codex built on Temporal's durable execution — Maestro provides policy enforcement, audit trails, credential vaults, and RBAC for all agent-generated automations; UiPath is explicitly not building its own coding agent, betting the governance layer is more defensible.
• Coder launched Coder Agents in public beta (May 6) — the first self-hosted, model-agnostic AI coding agent platform — with source code, prompts, and model traffic never leaving customer infrastructure; free through September 2026, targeting enterprises blocked by ISO 27001, SOC 2, HIPAA, and PCI-DSS from cloud-hosted tools.
• Nova raised $31M Series A to bring agentic coding to the SAP ecosystem — a 34B€/year market where code lives in databases, not files, making standard agents useless out of the box; Nova's dev container syncs file system changes bidirectionally with SAP servers, with Git providing checkpointing and time-travel across the 5,000–20,000 custom programs enterprises must migrate to S/4HANA.
• GitHub engineering published a "Trust Layer" methodology for validating non-deterministic agent behavior — modeling execution traces as Prefix Tree Acceptors with compiler-theory dominator analysis — achieving 100% accuracy vs. 82.2% for agent self-assessment; agents score 0% F1 on "not a bug" scenarios when grading their own work.
• SpaceXAI Grok Build (rebranded from xAI) remains unlaunched for a sixth consecutive week since Musk's "next week" pledge, now absorbed into SpaceX's orbital compute strategy; early-access testers confirm plugins, MCPs, skills, git worktree support, and a built-in browser are functional — no official launch date.