Meta bets on personal superintelligence with Muse Spark, Anthropic ships Claude Managed Agents, and Microsoft's termination of VeraCrypt's account halts Windows driver signing

Anthropic

Anthropic Ships Claude Managed Agents

Anthropic launched Claude Managed Agents, a cloud-hosted platform offering composable APIs for building and deploying autonomous agents at scale. The platform handles the infrastructure commonly taking months to build in-house: secure sandboxing, long-running sessions with state persistence, multi-agent coordination, and governance tooling with full execution traces. Internal benchmarks show up to 10-point improvements in task success rates for structured file generation versus standard prompting. Early adopters include Notion, Rakuten, Asana, and Sentry, who are using the platform for AI-powered workspace features, enterprise integrations, and automated debugging.

404 Media

Microsoft Abruptly Terminates VeraCrypt's Developer Account, Halting Windows Updates

Microsoft terminated the developer account associated with VeraCrypt — one of the most widely deployed open-source disk-encryption tools — without public explanation, blocking the project's ability to sign new Windows drivers and halting future Windows updates. Because Windows requires kernel drivers to carry a valid Microsoft signature, the termination effectively freezes VeraCrypt on the platform until the account issue is resolved or a new signing arrangement is found. The incident illustrates the structural dependency open-source security software has on big-tech platform accounts and raises supply-chain stability concerns for the many organisations relying on VeraCrypt for full-disk encryption.

Bryan Keller's Blog

Bryan Keller Boots Mac OS X on a Nintendo Wii

Bryan Keller ported Mac OS X 10.0 (Cheetah) to a Nintendo Wii, achieving a working GUI with input handling on hardware Apple never targeted. The project required a custom bootloader, Block Address Translation patching to reconcile the PowerPC memory models, dual-framebuffer conversion to the Wii's YUV format, and fake PCI device nubs to expose USB through IOKit's driver stack — all without modifying the OS image itself. The write-up is a detailed systems-engineering walkthrough showing how deep knowledge of bootloaders and kernel internals can paper over hardware incompatibilities that appear insurmountable on the surface.

Flatpak Security Advisory

Critical Flatpak Sandbox Escape — CVE-2026-34078

A critical vulnerability in the Flatpak portal allows sandboxed applications to escape confinement via symlink-based path manipulation of sandbox-expose options, granting read/write access to arbitrary host files and enabling code execution at host privilege level. All versions prior to 1.16.4 are affected. Users should upgrade immediately; as a temporary mitigation the Flatpak Portal service can be disabled via systemctl, though this breaks applications that depend on portal APIs.

arXiv

MegaTrain: Full-Precision Training of 100B+ LLMs on a Single GPU

MegaTrain enables full-precision training of 100B+ parameter models on a single GPU by keeping parameters and optimizer states in CPU memory and treating the GPU as a transient compute engine. Pipelined double-buffered execution across CUDA streams overlaps parameter prefetching, computation, and gradient offloading, while stateless layer templates eliminate autograd graph overhead. The system achieves 1.84× the training throughput of DeepSpeed ZeRO-3 on comparable hardware, and can train 7B models with 512k-token context windows on a single H200 — dramatically lowering the hardware bar for large-scale LLM development.

aphyr.com

Kyle Kingsbury: ML Promises to Be Profoundly Weird

Kyle Kingsbury (aphyr) argues that LLMs are structurally unreliable — they generate plausible-sounding outputs without genuine understanding, creating a "jagged technology frontier" where models excel at some tasks while failing trivial logical ones. The danger, he writes, is that this unpredictable competence is invisible to users who receive confident-sounding wrong answers. The post is a call for engineers to treat LLM output as fundamentally unverified and to build rigorous verification into any workflow that relies on it, rather than assuming capability observed in one domain transfers to another.

The Drive

John Deere to Pay $99M in Right-to-Repair Settlement

John Deere agreed to a $99 million settlement covering overcharges on authorized dealer repairs since January 2018, with affected farmers recovering 26–53% of damages — well above the 5–15% typical in similar cases. Beyond the payment, Deere must provide digital diagnostic and repair tools to farmers for ten years, converting a previously non-binding 2023 memorandum of understanding into a legally enforceable commitment. The settlement is being watched as a bellwether for right-to-repair disputes in automotive and consumer electronics, and the FTC is reportedly weighing a follow-on action that could set broader industry precedent.

Objective Development

Little Snitch Comes to Linux

Objective Development launched Little Snitch for Linux, bringing the macOS network-monitoring tool's per-process connection visibility and blocking to the Linux desktop and server. The implementation uses eBPF for kernel-level traffic interception and Rust for application logic, with a web-based UI that also allows remote monitoring of headless servers. The tool is free with open-source kernel and UI components. In the post, the team notes that a stock Ubuntu system generates roughly 9 outbound connections per week, versus over 100 on a comparable macOS install — a data point illustrating why Linux users have historically had less urgency for this category of tool.

Cloudflare Blog

Cloudflare: Automating Magic-Packet Generation for BPF Malware with Z3

Cloudflare's security team describes filterforge, an open-source tool that uses symbolic execution and the Z3 theorem prover to automatically reverse-engineer Berkeley Packet Filter programs embedded in Linux malware backdoors. Rather than manually tracing through 100–200 instructions of BPF bytecode to discover the "magic packet" that triggers a dormant implant, filterforge models each instruction as a constraint and solves for the required byte values at specific offsets — reducing hours of manual analysis to seconds. The approach is particularly relevant as BPF backdoors have become a favoured persistence mechanism for sophisticated threat actors, since BPF programs run inside the kernel and are invisible to most user-space monitoring tools.