Thursday, 04 June 2026

Gemma 4 12B open multimodal model; Elixir v1.20 adds gradual typing; Trail of Bits exposes AI skill scanner failures

Today's Lead

Google Blog

Google Releases Gemma 4 12B Open Multimodal Model

Google announced Gemma 4 12B, a unified multimodal AI model designed to run on consumer laptops with 16 GB of VRAM, processing text, images, and audio natively through lightweight embedding modules instead of traditional encoders—delivering near-26B performance in a smaller footprint. The model supports agentic workflows, multi-step reasoning, and a new Skills Repository for developers, and immediately gained tooling support across vLLM, Ollama, llama.cpp, and Unsloth GGUFs. With over 150 million Gemma downloads already, the release positions the open-weight ecosystem as a serious local-first alternative to hosted frontier models.

Read →

Also today

Elixir Blog

Elixir v1.20 Released as a Gradually Typed Language

Elixir v1.20 introduces a gradual type system that performs type inference across all programs without requiring developer annotations, using a dynamic() type to minimize false positives while catching verified bugs and dead code at compile time. The type checker handles guard clauses, pattern matching refinement, tuple size assertions, and map key presence—all without breaking existing codebases. The release also delivers multi-core compilation time improvements and lays groundwork for typed struct definitions and explicit type signatures in future versions.

Read →

Trail of Bits Blog

Trail of Bits: AI Agent Skill Scanners Fail Basic Security Tests

Trail of Bits researchers bypassed all tested AI agent skill security scanners—including those integrated into ClawHub, skills.sh, and Cisco's open-source tool—using straightforward attacks: 100,000-line file padding, poisoned Python bytecode embedding, and crafted prompt injection. Scanners were tricked into marking overtly malicious skills as safe by each technique, often in under an hour. The researchers recommend abandoning public skill marketplaces for sensitive agents and instead using curated sources with traditional software supply chain controls, since the fundamental trust model of automated skill scanning is broken.

Read →

Spotify Engineering

Spotify: Coding Is No Longer the Development Bottleneck

Spotify reports that 99% of engineers now use AI coding tools weekly, with a 76% increase in PR frequency since adopting Claude Opus 4.5. The company built Honk, a background coding agent running on their Kubernetes infrastructure via Claude's Agent SDK, which automated a Java migration in three days instead of weeks. The post argues the development constraint has fundamentally shifted from code production capacity to human decision-making—and that Spotify's years of investment in standardization made AI agents effective at scale.

Read →

Let's Encrypt Blog

Let's Encrypt Outlines Post-Quantum Certificate Future

Let's Encrypt is adopting Merkle Tree Certificates (MTCs) to address the size problem with post-quantum cryptography: algorithms like ML-DSA-44 produce 2,420-byte signatures versus RSA-2048's 256 bytes, causing TLS handshakes to exceed 10 KB and break on real networks. MTCs batch certificates under a single signature and let browsers receive batch signatures separately from handshakes, dramatically reducing per-connection overhead. Staging is planned for late 2026 with production in 2027, requiring coordinated changes across ACME clients, browsers, and IETF standards.

Read →

Yale E360

U.S. to Shut Down Ocean Monitoring Network Tracking AMOC Collapse Risk

The Trump administration is decommissioning the Ocean Observatories Initiative (OOI), a network of 900+ scientific instruments that has tracked Atlantic and Pacific ocean conditions—including the Atlantic Meridional Overturning Circulation (AMOC)—since 2016. Scientists warn that the shutdown removes critical early-warning capability at precisely the moment the AMOC is approaching a potential tipping point where it could collapse and disrupt global climate. The dismantling will occur over 15 months, affecting sensors off Oregon, Washington, Alaska, North Carolina, and between Greenland and Iceland.

Read →

Espressif Systems

Espressif Launches ESP32-S31 Dual-Core RISC-V IoT SoC

Espressif unveiled the ESP32-S31, a dual-core RISC-V microcontroller running at 320 MHz with 512 KB SRAM, DDR PSRAM support, and 60 GPIO pins, aimed at smart displays, video doorbells, and edge AI applications. Connectivity includes Wi-Fi 6, Bluetooth 5.4 LE, Bluetooth Classic, IEEE 802.15.4, and Gigabit Ethernet, alongside hardware JPEG encoding and image processing accelerators. Security features include hardware secure boot, encryption, cryptographic accelerators, and a Trusted Execution Environment.

Read →

MacRumors

Apple Doubles MacBook Neo Production to 10 Million Units

Apple has doubled its 2026 MacBook Neo production target from 5 million to 10 million units after analyst Ming-Chi Kuo reported unexpectedly strong demand for the $599 A18 Pro-powered laptop. Tim Cook called customer response 'off the charts,' with the MacBook Neo driving record numbers of first-time Mac buyers. Apple plans a second-generation model for next year with an A19 Pro chip and 12 GB of RAM.

Read →

maxleiter.com

"They're Made Out of Weights": A Short Story About LLMs

Max Leiter's short story parodies Terry Bisson's "They're Made Out of Meat," reframing the classic dialogue as a philosophical exchange about large language models—systems of numerical weights performing matrix multiplication, with knowledge "smeared" across all parameters rather than stored explicitly. Through absurdist conversation, it explores whether statistical pattern-matching constitutes genuine understanding and why humans persistently anthropomorphize these systems despite their purely computational nature. It earned 500+ points on Hacker News and sparked 169 comments on AI consciousness and the nature of understanding.

Read →