John Ternus becomes Apple's new CEO, GitHub Copilot pauses sign-ups as agentic workloads strain infrastructure, and Kimi K2.6 advances open-source coding

GitHub Blog

GitHub Copilot Pauses New Sign-Ups as Agentic Workloads Exceed Plan Limits

GitHub paused new sign-ups for Copilot Pro, Pro+, and Student plans, citing intensifying compute demands from agentic workflows where long-running parallelized sessions now regularly exceed plan limits — with some sessions incurring costs that exceed the monthly plan price. The company simultaneously tightened usage limits, removed Opus model access from Pro plans (retained on Pro+), and added real-time token usage visibility in VS Code and Copilot CLI. Session and weekly token caps now apply alongside premium request allowances, with users who hit limits falling back to Auto model selection until the window resets. GitHub framed the changes as a temporary measure while it develops a more sustainable pricing and infrastructure model for agentic use cases.

Kimi Blog

Kimi K2.6: Moonshot AI Advances Open-Source Coding and Agent Coordination

Moonshot AI released Kimi K2.6, an open-source language model with enhanced long-horizon coding capabilities across Rust, Go, and Python, and the ability to generate complete front-end interfaces from simple prompts. Agent coordination has been significantly upgraded: the model now supports up to 300 specialized sub-agents executing 4,000 simultaneous steps — triple the capacity of its predecessor — enabling faster parallel processing for complex tasks. K2.6 continues Moonshot's strategy of releasing frontier-competitive open-source models, further extending the lead it established with K2.5 in January.

Adweek

Leaked Deck Reveals StackAdapt's Playbook for Selling Ads Inside ChatGPT

A leaked pitch deck reveals that demand-side platform StackAdapt is positioning itself as OpenAI's primary ad partner, selling placements inside ChatGPT based on 'prompt relevance' — targeting users in active research sessions rather than passive browsing. The pilot program carries CPMs of $15–$60 and a $50,000 minimum spend, framing ChatGPT as a new 'discovery layer' where high-intent queries can surface commercial results. The deck signals that OpenAI's ad strategy is further along than publicly acknowledged, with a structured reseller relationship already underway before any official announcement.

TechCrunch

Deezer: 44% of Daily Song Uploads Are Now AI-Generated

Music streaming platform Deezer reports that 44% of its daily song uploads are now AI-generated, with approximately 75,000 AI tracks arriving per day — a sevenfold increase from 10,000 in January 2025. Despite the flood of AI content, only 1–3% of actual platform streams are AI music, and 85% of those identified as AI-generated are flagged as fraudulent streaming fraud. Deezer has implemented controls including AI track labeling, algorithmic exclusion from recommendations, and detection measures, but the numbers illustrate how generative audio tools are overwhelming platform content pipelines.

GitHub Blog

Highlights from Git 2.54

Git 2.54 ships a new experimental `git history` command for targeted, working-tree-free history rewrites — supporting `reword` and `split` operations without the complexity of interactive rebase. Config-based hooks let developers define hooks in `.gitconfig` rather than per-repository scripts, enabling centralized management with multiple hooks per event and per-repo opt-out via `hook.<name>.enabled = false`. Geometric repacking is now the default `git maintenance` strategy, providing more efficient incremental repository maintenance out of the box, alongside improvements to `git add -p` navigation, HTTP 429 retry handling, and `git log -L` compatibility with pickaxe search options.

filippo.io

Quantum Computers Are Not a Threat to 128-Bit Symmetric Keys

This article debunks the common claim that 128-bit symmetric encryption needs to be doubled for quantum resistance. While Grover's algorithm theoretically halves the effective key length, breaking AES-128 would require 140 trillion quantum circuits running in parallel for a decade — an entirely impractical attack compared to currently vulnerable 256-bit elliptic curves. NIST, Germany's BSI, and leading cryptographers confirm AES-128 remains secure for decades; organizations should focus quantum-migration resources on protecting asymmetric cryptography rather than chasing unnecessary symmetric key size increases.

Isaac Corbrey

Jujutsu Megamerges for Fun and Profit

This article introduces the 'megamerge' workflow in Jujutsu version control: combining multiple active branches into a single local octopus merge commit to verify all changes compile and run together before submission. The technique surfaces integration conflicts early — before code review — while keeping individual branches independent for publication. Because the megamerge is strictly local, it adds no noise to project history, and commands like `jj absorb`, `jj squash`, and custom revset aliases make the workflow ergonomic for developers managing several in-progress changes simultaneously.

LeadDev

The End of the Non-Technical Engineering Manager

Engineering managers without technical depth are becoming obsolete as AI automation reduces coordination overhead and companies flatten organizational structures. The article argues that people management skills alone are no longer sufficient — managers must develop 'architectural literacy' and genuine technical engagement to operate at the speed modern organizations demand. The role is expanding into a compound skill requiring leadership, coaching, and technical contribution; those who avoid the technical dimension face irrelevance as the work that justified their position is automated away.

sdushantha.github.io

Command Execution via Drag-and-Drop in Terminal Emulators

A critical vulnerability in popular terminal emulators allows attackers to execute arbitrary commands through specially crafted filenames that embed control characters — Ctrl+C and Enter — injecting shell commands when a user drags and drops a file into the terminal. The payload can be concealed through filename truncation, making the attack invisible to users. Multiple emulators including Kitty and xfce4-terminal have been patched; users should update immediately or switch to unaffected alternatives such as Alacritty.