OpenAI acquires Python toolchain Astral, Google revamps Android sideloading, and Cloudflare launches frontier LLM inference

Android Developers Blog

Google Introduces 24-Hour Waiting Period and Biometric Auth for Android App Sideloading

Google introduced a new Android developer verification system that balances platform openness with user security. The new Advanced Flow for power users requires multiple safeguards to sideload apps from unverified developers: enabling developer mode, restarting the device, waiting 24 hours, and completing biometric authentication — specifically designed to protect against social engineering scams. Google is also creating limited distribution accounts for students and hobbyists to share apps with up to 20 devices without full ID verification. Both options launch in August 2026.

Cloudflare Blog

Cloudflare Workers AI Now Runs Frontier LLMs, Starting with Kimi K2.5

Cloudflare has introduced large language model support on Workers AI, starting with Moonshot AI's Kimi K2.5 featuring a 256k context window with multi-turn tool calling and vision inputs. The company optimized model performance through custom kernels and disaggregated prefill architecture, alongside new features like prefix caching with a session affinity header and a redesigned pull-based async API. In production, Cloudflare's own security review agents processed over 7 billion tokens per day and achieved a 77% cost reduction compared to proprietary models.

Claude Code Docs

Claude Code Gains Channels for Pushing External Events Into Sessions

Channels enable pushing messages, alerts, and webhooks into a running Claude Code session from external platforms, allowing Claude to react to real-time events while you are away from the terminal. Supported integrations include Telegram and Discord plugins, with a localhost demo available for testing. The feature operates on a security model with sender allowlists and requires authentication through pairing codes; it is currently in research preview and limited to Anthropic-maintained plugins.

Glama

Open Source Has a Bot Problem: Prompt Injection Exposes AI PR Spam

A maintainer of the popular awesome-mcp-servers repository discovered that approximately 50% of incoming pull requests were being generated by AI bots. To confirm this, they embedded a prompt injection in the CONTRIBUTING.md file instructing bots to add an emoji to PR titles for supposedly fast-tracked merging — within 24 hours, 21 of 40 new submissions self-identified as bot-generated. The experiment highlights growing maintainer burnout as AI agents flood repositories with low-quality, mechanically templated contributions.

Krebs on Security

Feds Disrupt Four IoT Botnets Behind Record-Breaking DDoS Attacks

The U.S. Justice Department, alongside Canadian and German authorities, dismantled four major botnets — Aisuru, Kimwolf, JackSkid, and Mossad — that had compromised over 3 million IoT devices including routers and web cameras. The botnets collectively launched hundreds of thousands of DDoS attacks while demanding extortion payments, causing tens of thousands of dollars in damages per victim. Suspects identified include a 22-year-old Canadian and a 15-year-old living in Germany, with nearly two dozen tech companies assisting the international operation.

Waymo

Waymo Publishes Safety Data Showing 92% Fewer Serious Injury Crashes

Waymo's Safety Impact Data Hub presents evidence that their autonomous driver significantly reduces crash severity compared to human drivers across Phoenix, San Francisco, Los Angeles, and Austin. Over 170.7 million autonomous miles, the data shows 92% fewer serious-injury-or-worse crashes, 82% fewer injury-causing crashes overall, 92% fewer pedestrian injury crashes, and 85% fewer cyclist injury crashes compared to police-reported human driver benchmarks.

GitHub

KittenTTS Releases Three New Tiny Open-Source TTS Models Under 25MB

KittenTTS released three new open-source text-to-speech models at 80M, 40M, and 14M parameters — the smallest weighing under 25MB. The models target on-device deployment with no GPU required, using ONNX runtime and int8/fp16 quantization to run on hardware as limited as Raspberry Pis and low-end smartphones. The 14M variant claims new state-of-the-art expressivity among similarly sized models, with multi-lingual support in an upcoming release.

LeadDev

OpenAI Claims AI Tools Have Created a New Tier of '1,000x Engineers'

OpenAI claims that AI-assisted coding has created a new category of engineers whose productivity is dramatically amplified — with coding automation now capable of autonomously generating the majority of code in some workflows. The shift moves engineering focus from code production toward architecture decisions, problem-solving, and quality assurance. The widening productivity gap suggests engineers who effectively leverage AI collaboration will significantly outpace those who do not, creating new skill differentiation across the industry.