A week of massive transitions in the software industry. Google I/O 2026 arrived on May 19, shifting Google’s focus entirely from assistive AI to autonomous agents with Gemini 3.5 Flash, the Antigravity 2.0 desktop platform, and Managed Agents. Anthropic responded on May 18 by acquiring developer tools startup Stainless to lock down SDK and Model Context Protocol tooling, followed by holding its Code with Claude developer conference in London on May 19 where it added self-hosted sandboxes and secure tunnels. Anthropic also hired Andrej Karpathy to lead pre-training research.
On the capital markets side, SpaceX publicly filed its S-1 registration statement on May 20, revealing the details of a 40 billion dollar compute rental deal with Anthropic. Meanwhile, OpenAI prepared a confidential IPO filing with Goldman Sachs and Morgan Stanley. Corporate restructuring hit a new peak as Meta laid off 8,000 employees and Intuit cut 3,000 workers to refocus budgets on AI. On the security front, the developer ecosystem faced another major threat as a Laravel-Lang supply chain compromise hit hundreds of historical Composer package versions on May 22. Here is everything that mattered in the developer world.
Top Stories This Week
Google I/O 2026: The Agentic Gemini Era -
Google kicked off its annual developer conference on May 19 at the Shoreline Amphitheatre in Mountain View. CEO Sundar Pichai shared that the Gemini app has doubled its monthly active users to 900 million over the past year, processing 9.7 trillion tokens per month across Google’s portfolio. The central theme of the event was the transition from assistive prompts to autonomous agentic execution.
Gemini 3.5 Flash and Omni:
Google introduced Gemini 3.5 Flash, its latest family of action-oriented models. Flash runs at 289 tokens per second, which Google claims is four times faster than competitors, and outperforms Gemini 3.1 Pro on coding and agentic benchmarks. It is now the default model for the Gemini app and AI Mode in Search globally. Google also unveiled Gemini Omni Flash, a multimodal model that generates high-quality video from combined images, audio, video, and text inputs, rolling out immediately to Google AI subscribers and YouTube Shorts.
Antigravity 2.0 and Managed Agents:
The platform center of Google’s agent strategy is Antigravity 2.0, a standalone desktop application built to orchestrate multiple developer agents in parallel. The Antigravity agent harness has been upgraded with core primitives like dynamic subagents, asynchronous task scheduling, and hooks. Google is unifying its terminal developer workflows by deprecating the Gemini CLI and asking users to migrate to the Antigravity CLI.
For backend developers, Google launched Managed Agents in the Gemini API. A single API call provisions an autonomous agent that can reason, use tools, and safely execute code inside an isolated Linux sandbox managed by Google.
Workspace and Consumer Agents:
Google showed Gemini Spark, a personal AI agent that runs 24/7 on dedicated Google Cloud virtual machines. Spark can coordinate background research, compare products, and manage workflows even when the user’s devices are completely turned off. For commerce, Universal Cart lets users add items from different stores into a single AI-managed checkout, automatically tracking stock and completing purchases.
Anthropic Acquires Stainless for SDK and MCP Tooling -
On May 18, Anthropic announced the acquisition of Stainless, a developer tools startup backed by Sequoia Capital and Andreessen Horowitz. Founded by former Stripe engineer Alex Rattray, Stainless is widely used across the industry, including by OpenAI, Google, and Cloudflare, to automatically generate and maintain high-quality SDKs and Model Context Protocol (MCP) server tooling from OpenAPI specifications.
The acquisition is valued at over 300 million dollars. Anthropic intends to wind down all hosted Stainless products, including the public SDK generator, taking a vital piece of developer infrastructure out of the hands of its competitors. An Anthropic spokesperson noted that existing Stainless customers will keep full ownership of their generated SDK code and are free to modify and extend it. The acquisition represents a strategic effort to consolidate control over the libraries and connectors that developer agents use to interact with external APIs.
SpaceX Files S-1 IPO Showing $40B Anthropic Compute Deal -
On May 20, SpaceX publicly filed its Form S-1 registration statement with the SEC, setting up one of the largest public market debuts in history. Seeking to raise up to 80 billion dollars at a valuation near 2 trillion dollars on the Nasdaq under ticker symbol SPCX, the filing provided the first official, detailed view of SpaceX’s consolidated financials.
The company reported 18.7 billion dollars in consolidated revenue for fiscal year 2025 and 4.7 billion dollars in Q1 2026, alongside an operating loss of 2.6 billion dollars in 2025 and 1.9 billion dollars in Q1 2026. Starlink dominated the revenue mix, generating 11.4 billion dollars in 2025.
The Anthropic compute deal:
The filing officially disclosed a massive computing transaction between SpaceX and Anthropic. Under their agreement, Anthropic is paying SpaceX 1.25 billion dollars per month through May 2029, representing a total of 40 billion dollars, to rent unused capacity in data centers that was originally established before the merger of xAI into SpaceX. On X, Anthropic confirmed it is expanding the partnership to scale up its capacity on GB200 servers inside the new Colossus 2 data center starting in June.
OpenAI Prepares Confidential IPO Prospectus -
While SpaceX went public with its registration statement, CNBC confirmed on May 20 that OpenAI is preparing a confidential draft of its own initial public offering prospectus. The company has engaged Goldman Sachs, Morgan Stanley, and JPMorgan Chase as lead underwriters for a potential listing between Labor Day and Thanksgiving in September 2026.
OpenAI is currently valued at over 850 billion dollars in private markets, and the IPO could push it past a 1 trillion dollar valuation. The confidential filing process allows OpenAI to refine its financial statements and corporate structure with the SEC privately before initiating public investor roadshows. CFO Sarah Friar recently stated that operating with public company hygiene is standard governance for a firm of OpenAI’s scale.
Meta Begins 8,000 Layoffs and Reallocates 7,000 to AI -
On May 20, Meta began laying off roughly 8,000 employees, about 10 percent of its global workforce, as part of an aggressive restructuring aimed at flattening management layers and cutting operational overhead. The cuts coincide with a massive capital expenditure increase, with Meta funneling up to 145 billion dollars into AI data centers and chips.
CEO Mark Zuckerberg told remaining staff that success is not guaranteed in the AI era. In addition to the layoffs, Meta is forcing approximately 7,000 remaining staff into AI-focused roles and closing 6,000 unfilled open positions, bringing its total job cuts since late 2022 to nearly 35,000.
Intuit Lays Off 3,000 Workers in Sweeping 17% AI Restructuring -
On May 20, Intuit announced a major reorganization, laying off 17 percent of its full-time workforce, affecting over 3,000 employees. The restructuring will cost between 300 million and 340 million dollars in severance and lease termination charges.
CEO Sasan Goodarzi stated in an internal memo that the restructuring is designed to reduce corporate complexity and speed up execution. The plans include flattening management structures, co-locating engineering teams in strategic hubs, closing offices in Reno and Woodland Hills, and scaling back investment in Mailchimp to reallocate capital directly to its primary AI growth engines across TurboTax, QuickBooks, and Credit Karma.
Andrej Karpathy Joins Anthropic Pre-Training Team -
On May 19, Andrej Karpathy, co-founder of OpenAI and former director of AI at Tesla, announced he has joined Anthropic. Karpathy will report to Nicholas Joseph, Anthropic’s head of pre-training, and will build a new team focused on using Claude itself to automate and accelerate pre-training research.
Pre-training is the most expensive and compute-heavy phase of building large language models. The appointment represents a strategic bet by Anthropic on using recursive model-driven research to optimize training efficiency. Karpathy announced that his education startup, Eureka Labs, is on pause while he focuses on his new role. On the same day, Anthropic also hired Chris Rohlf, a veteran cybersecurity researcher with experience at Meta, to join its frontier red-teaming group.
Developer Tools & Platforms
Cursor Releases Composer 2.5 and Integrates with Jira
On May 18, Cursor launched Composer 2.5, its latest and most capable coding model, making it the new default in the model picker. Composer 2.5 is built on Moonshot’s Kimi K2.5 base and uses a custom Sharded Muon optimizer with dual-mesh HSDP for scaling on Colossus 2. Cursor claims the model is significantly better at sustained work on long-running tasks, handles complex multi-file instructions more reliably, and was trained on 25 times more synthetic tasks with targeted textual feedback during reinforcement learning.
On May 19, Cursor released a direct integration with Jira. Developers can now mention @Cursor in a Jira comment or assign a work item to Cursor to automatically kick off a cloud agent. The agent uses the ticket description, comments, and repository configurations to scope the task and posts a completion update in Jira with a link to the proposed pull request.
On May 20, Cursor 3.5 brought Automations to the Agents Window, letting users run multi-repo and no-repo agents inside their local workspace. No-repo automations can monitor external channels like Slack, Databricks, or Stripe to deliver analytics, digests, and FAQ responses.
Claude Platform Adds Self-Hosted Sandboxes and MCP Tunnels -
During the Code with Claude developer conference in London on May 19, Anthropic announced two significant upgrades to its developer platform.
- Self-Hosted Sandboxes: Now in public beta, this feature lets Claude Managed Agents execute tools and run code inside isolated environments hosted and managed directly within the customer’s own cloud infrastructure.
- MCP Tunnels: Now in research preview, this feature allows Claude agents to securely connect to private Model Context Protocol (MCP) servers inside an enterprise network. Tunnels establish end-to-end encrypted outbound connections using a lightweight local gateway, removing the need to expose internal databases or APIs to the public internet.
Additionally, Anthropic introduced routines in Claude Code, allowing Claude to systematically prompt itself to run tests, verify changes, and execute long-horizon development tasks in the background.
OpenAI Partners with Dell for On-Premises Codex -
On May 18, OpenAI announced a partnership with Dell Technologies to bring Codex to hybrid and on-premises enterprise environments. The partnership will connect Codex with the Dell AI Data Platform, allowing enterprises to securely run OpenAI’s coding agents near sensitive internal codebases, documents, and business systems of record. Dell and OpenAI will also integrate Codex, ChatGPT Enterprise, and their developer APIs with the Dell AI Factory to streamline data preparation, automated testing, and secure on-premises deployment.
Microsoft Open Sources RAMPART and Clarity -
On May 20, Microsoft Security open-sourced two developer safety tools:
- Microsoft RAMPART: An agent testing framework designed to encode adversarial and benign security scenarios as repeatable tests that can run in CI pipelines, helping prevent security regressions in autonomous agents.
- Clarity: A structured planning tool that serves as a sounding board, helping development teams clarify requirements and define system behaviors before writing code.
GitHub Copilot Updates: Model Additions and Eclipse Open Source
GitHub shipped several updates to the Copilot ecosystem this week:
- On May 18, GitHub expanded the available cloud agent models to include smaller, more cost-efficient models. Claude Haiku 4.5 and GPT-5.4-mini are now available at a 0.33x multiplier.
- On May 18, GitHub added one-click fixes for failing Actions using the Copilot cloud agent.
- On May 18, GitHub introduced a REST API in public preview to programmatically audit a repository’s Copilot cloud agent configuration, including its tool and firewall settings.
- On May 19, Google’s Gemini 3.5 Flash became generally available for Copilot Pro, Pro+, Business, and Enterprise plans.
- On May 21, GitHub open-sourced the Copilot for Eclipse integration.
Core Language and Framework Updates
- Node.js v24.16.0 LTS: Released on May 21 under codename Krypton, bringing security updates and stability improvements to the active Long Term Support line.
- Google ADK Python v2.0 GA: Launched on May 19, Google’s Agent Development Kit provides a production-ready, code-first Python framework for building, evaluating, and deploying multi-agent workflows with flexible execution graphs and native inter-agent routing.
- FastAPI 0.136.2: Released on May 23, shipping minor bug fixes and performance improvements.
Security
Laravel-Lang Composer Supply Chain Attack -
On May 22 and May 23, attackers compromised the release tags of four community-maintained localization libraries under the Laravel-Lang namespace on Packagist: laravel-lang/lang, laravel-lang/http-statuses, laravel-lang/attributes, and laravel-lang/actions.
The attackers bypassed traditional branch protection by directly rewriting Git tags to point to commits in a malicious fork, exploiting how Packagist parses and caches release tags. The compromise affected around 700 historical versions.
The malicious tags modified composer.json to register a src/helpers.php file under autoload.files, which executes automatically whenever the Composer autoloader initializes. The script contacts flipboxstudio[.]info to download and run a 5,900-line PHP-based cross-platform credential stealer. The malware harvests cloud credentials, Kubernetes secrets, Vault tokens, local .env files, browser data, and SSH keys before encrypting the data and exfiltrating it. Packagist responded on May 23 by removing the malicious versions and temporarily unlisting the packages. Developers should immediately check composer.lock for these packages and rotate any exposed keys.
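The composer.lock check recommended above can be scripted. This is an added example, not code from Packagist or the Laravel-Lang maintainers; it reports every locked copy of the four packages and whether src/helpers.php is registered under autoload.files. The sample lock file is constructed, and its versions, commit references and namespaces are placeholders.

```python
import json

# The four package names listed in the article above.
AFFECTED = {
    "laravel-lang/lang",
    "laravel-lang/http-statuses",
    "laravel-lang/attributes",
    "laravel-lang/actions",
}
# File the article says the malicious tags registered under autoload.files.
INJECTED_FILE = "src/helpers.php"


def _norm(path):
    """Normalise './src/helpers.php' and 'src\\helpers.php' to 'src/helpers.php'."""
    path = path.replace("\\", "/")
    return path[2:] if path.startswith("./") else path


def audit_composer_lock(lock_text):
    """Return one finding per locked Laravel-Lang package named in the article."""
    lock = json.loads(lock_text)
    findings = []
    for section in ("packages", "packages-dev"):
        for pkg in lock.get(section) or []:
            name = str(pkg.get("name", "")).lower()
            if name not in AFFECTED:
                continue
            files = [_norm(f) for f in (pkg.get("autoload") or {}).get("files") or []]
            findings.append({
                "name": name,
                "section": section,
                "version": pkg.get("version"),
                # Commit the lock file pins; compare against a known-good commit.
                "source_ref": (pkg.get("source") or {}).get("reference"),
                "autoload_files": files,
                "helpers_autoloaded": INJECTED_FILE in files,
            })
    return findings


# Constructed sample lock file: versions, refs and namespaces are placeholders.
SAMPLE_LOCK = json.dumps({
    "packages": [
        {"name": "laravel-lang/lang", "version": "0.0.1-example",
         "source": {"type": "git", "reference": "PLACEHOLDER_COMMIT_A"},
         "autoload": {"psr-4": {"Example\\Lang\\": "src/"},
                      "files": ["./src/helpers.php"]}},
        {"name": "laravel-lang/attributes", "version": "0.0.2-example",
         "source": {"type": "git", "reference": "PLACEHOLDER_COMMIT_B"},
         "autoload": {"psr-4": {"Example\\Attributes\\": "src/"}}},
        {"name": "example/unrelated", "version": "1.0.0",
         "autoload": {"files": ["src/helpers.php"]}},
    ],
    "packages-dev": [
        {"name": "Laravel-Lang/Actions", "version": "0.0.3-example",
         "source": {"type": "git", "reference": "PLACEHOLDER_COMMIT_C"}},
    ],
})

if __name__ == "__main__":
    for f in audit_composer_lock(SAMPLE_LOCK):
        flag = "REVIEW NOW" if f["helpers_autoloaded"] else "present"
        print(f"{flag:10} {f['name']} {f['version']} ({f['section']}) "
              f"ref={f['source_ref']} autoload.files={f['autoload_files']}")
```

A finding without the helpers entry still needs its version and pinned commit compared against the versions Packagist removed; the script only narrows down where to look.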
LiteSpeed cPanel Plugin Root Privilege Escalation CVE-2026-48172 -
On May 19, security researcher David Strydom reported a critical privilege escalation flaw in the LiteSpeed User-End cPanel Plugin. Tracked as CVE-2026-48172 with a CVSS score of 10.0, the vulnerability resides in the lsws.redisAble function. Any unauthenticated cPanel user can exploit the flaw via the cPanel JSON API to execute commands with root privileges, compromising shared hosting environments. The flaw was actively exploited in the wild as a zero-day before discovery. LiteSpeed released a patch on May 21 in cPanel plugin version 2.4.7 bundled with WHM plugin version 5.3.1.0.
TeamPCP Hits AntV Ecosystem with Mini Shai-Hulud Wave -
On May 19, the threat actor group TeamPCP executed a coordinated account takeover of two npm maintainer accounts, atool and prop. The attackers pushed 639 malicious versions across 323 unique packages in under an hour. Compromised dependencies include echarts-for-react, size-sensor, and timeago.js, alongside 37 packages in Alibaba’s AntV data visualization ecosystem.
The malicious versions use a preinstall hook to execute a 498 KB obfuscated Bun bundle. The payload scrapes runner memory to capture masked CI/CD secrets, harvests cloud and SSH credentials, and uses stolen GitHub tokens to automatically create over 2,100 public repositories containing reversed Dune-themed descriptions.
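Because the payload rides on a preinstall hook, a lock file can be triaged for exposure before anything is installed. The following is an added example, not tooling from npm or the affected maintainers; it reads a package-lock.json (lockfileVersion 2 or 3) and lists the packages named above plus every entry npm has marked with hasInstallScript. The sample lock file and its versions are constructed.

```python
import json

# Package names the article lists as compromised (the 37 AntV packages are not
# enumerated on the page, so they are not listed here).
NAMED_IN_ARTICLE = {"echarts-for-react", "size-sensor", "timeago.js"}


def package_name(lock_key):
    """'node_modules/a/node_modules/@scope/b' -> '@scope/b'."""
    return lock_key.rsplit("node_modules/", 1)[-1]


def audit_package_lock(lock_text):
    """Return lock entries that are named in the article or run install scripts."""
    lock = json.loads(lock_text)
    packages = lock.get("packages")
    if packages is None:
        raise ValueError("no 'packages' map: lockfileVersion 2 or 3 is required")
    findings = []
    for key, meta in packages.items():
        if key == "":  # the root project itself
            continue
        name = meta.get("name") or package_name(key)
        named = name in NAMED_IN_ARTICLE
        # npm sets hasInstallScript when a package declares preinstall,
        # install or postinstall lifecycle scripts.
        has_script = bool(meta.get("hasInstallScript"))
        if named or has_script:
            findings.append({
                "name": name,
                "path": key,
                "version": meta.get("version"),
                "named_in_article": named,
                "has_install_script": has_script,
            })
    # Packages named in the article first, then by path for stable output.
    return sorted(findings, key=lambda f: (not f["named_in_article"], f["path"]))


# Constructed sample lock file: every version below is a placeholder.
SAMPLE_LOCK = json.dumps({
    "name": "demo-app",
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo-app", "version": "1.0.0"},
        "node_modules/timeago.js": {"version": "0.0.0-example",
                                    "hasInstallScript": True},
        "node_modules/echarts-for-react": {"version": "0.0.0-example"},
        "node_modules/chart-wrapper/node_modules/size-sensor": {
            "version": "0.0.0-example", "hasInstallScript": True},
        "node_modules/example-native-addon": {"version": "2.0.0",
                                              "hasInstallScript": True},
        "node_modules/left-alone": {"version": "3.1.0"},
    },
})

if __name__ == "__main__":
    for f in audit_package_lock(SAMPLE_LOCK):
        tags = [t for t, on in (("named-in-article", f["named_in_article"]),
                                ("install-script", f["has_install_script"])) if on]
        print(f"{f['name']}@{f['version']}  {f['path']}  [{', '.join(tags)}]")
```

Installing with `npm ci --ignore-scripts` keeps lifecycle hooks such as preinstall from running while the flagged entries are reviewed.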
CISA Adds Ten Vulnerabilities to the KEV Catalog
CISA updated its Known Exploited Vulnerabilities (KEV) catalog with several additions this week:
- On May 20, CISA added seven vulnerabilities based on active exploitation, including Microsoft Defender Elevation of Privilege CVE-2026-41091 and Denial of Service CVE-2026-45498.
- On May 21, CISA added two vulnerabilities, including Langflow Origin Validation Error CVE-2025-34291 and Trend Micro Apex One Directory Traversal CVE-2026-34926.
- On May 22, CISA added Drupal Core SQL Injection CVE-2026-9082 to the catalog.
Funding & Industry Deals
Hark Secures $700M Series A for Universal AI Interface -
On May 21, Hark raised 700 million dollars in a Series A round led by Parkway Venture Capital, valuing the company at 6 billion dollars. Investors include Nvidia, AMD Ventures, Intel Capital, Qualcomm Ventures, Salesforce Ventures, Greycroft, and ARK Invest. Founded in late 2025 by Brett Adcock with 100 million dollars of his own capital, Hark is building a secretive personal AI system intended to serve as a universal interface for the digital world. The capital will be spent on compute, B200 GPU capacity, and hiring.
Socket Closes $60M Series C at $1B Valuation -
On May 20, Socket raised 60 million dollars in Series C funding at a 1 billion dollar valuation, led by Thrive Capital. Andreessen Horowitz, Abstract Ventures, and Capital One Ventures also participated. The round brings Socket’s total funding to 125 million dollars. Socket provides developer tools to secure software supply chains against malicious open source dependencies.
Viktor Raises $75M Series A for AI Coworkers -
On May 20, Viktor secured 75 million dollars in Series A funding led by Accel. Founded in late 2025 by Fryderyk Giatrowski and Peter Albert, Viktor is an AI coworker that integrates with Slack and Microsoft Teams to coordinate across business software. The company publicly launched in February and reached a 15 million dollar annualized revenue run rate in its first ten weeks of operation.
Unframe Closes $50M Growth Round for AI Delivery -
On May 18, Unframe raised 50 million dollars in growth funding led by Highland Europe, doubling its total funding to 100 million dollars. Led by Shay Levi, Unframe provides an enterprise AI delivery and deployment platform, posting over 100 million dollars in total contract value over the past year.
Coupa Acquires Tonkean for Agentic Intake -
On May 21, Coupa announced the acquisition of Tonkean, a no-code agentic intake and workflow orchestration platform. Coupa will integrate Tonkean’s capabilities to offer Agentic-as-a-Service workflows across its global network of buyers and suppliers.
Qualtrics Completes $6.75B Press Ganey Forsta Acquisition -
On May 18, Qualtrics completed its acquisition of Press Ganey Forsta for 6.75 billion dollars. The transaction represents the largest technology acquisition in Utah’s history, combining experience management platforms to create a comprehensive healthcare dataset for training experience-focused AI models.
The Numbers That Matter
- 9.7 Trillion Tokens processed per month across Google’s consumer products, announced at Google I/O on May 19
- $1.25 Billion Monthly capacity rental paid by Anthropic to SpaceX under their S-1 compute disclosure on May 20
- $6.75 Billion Acquisition value of Press Ganey Forsta by Qualtrics, closed on May 18
- 17% Workforce reduction at Intuit on May 20, cutting over 3,000 employees
- 700+ Historical versions of Laravel-Lang packages targeted in a Git tag supply chain compromise on May 22
- $700 Million Series A raised by Hark on May 21, valuing the company at 6 billion dollars
Quick Hits
- Google I/O 2026 - May 19. Google introduced Gemini 3.5 Flash, Gemini Omni Flash, Antigravity 2.0 desktop orchestration, and Managed Agents in the Gemini API.
- Code with Claude London - May 19. Anthropic launched self-hosted sandboxes and secure MCP tunnels for Claude Managed Agents, alongside routines for Claude Code background execution.
- SpaceX S-1 Filing - May 20. Filed Form S-1 for Nasdaq IPO, revealing 18.7 billion dollars in 2025 revenue and a 40 billion dollar compute hosting deal with Anthropic.
- OpenAI IPO Progress - May 20. Reports confirmed OpenAI is preparing a confidential US IPO draft for a potential September 2026 public listing.
- Andrej Karpathy Hire - May 19. Karpathy joined Anthropic’s pre-training team to build model-driven pre-training research workflows.
- Meta Layoffs - May 20. Laid off 8,000 workers (10 percent of staff) and forced 7,000 into AI roles as capital expenditures reached 135 to 145 billion dollars.
- Intuit Cuts - May 20. Cut 17 percent of workforce (3,000 workers) and closed two offices to reallocate resources to Core AI engines.
- Cursor 3.5 - May 20. Brought Automations to the Agents Window, enabling multi-repo and no-repo workspace agents.
- Laravel-Lang Supply Chain Compromise - May 22-23. Attackers rewrote historical tags across four localization packages to inject a cross-platform PHP credential stealer.
- LiteSpeed CVE-2026-48172 - May 19. Critical root privilege escalation flaw in LiteSpeed’s cPanel plugin actively exploited as a zero-day.
- Mini Shai-Hulud Waves - May 19. TeamPCP compromised atool and prop npm maintainer accounts to infect 323 packages with memory-scraping malware.
- Socket Series C - May 20. Raised 60 million dollars at a 1 billion dollar valuation led by Thrive Capital.
- Hark Series A - May 21. Raised 700 million dollars at a 6 billion dollar valuation led by Parkway Venture Capital.
- CISA KEV Additions - May 20-22. CISA added Drupal, Langflow, Trend Micro, and Microsoft Defender exploits to KEV.
- OpenAI Dell Partnership - May 18. Partnered to deploy Codex in secure on-premises and hybrid Dell AI Factory environments.
The shift from assistive AI to autonomous agency reached its tipping point this week. Google and Anthropic are no longer competing on just model benchmarks. They are fighting to control the runtime environments where agents live. Google’s launch of Managed Agents in the Gemini API, alongside Anthropic’s release of self-hosted sandboxes and secure MCP tunnels, shows that both labs are building secure, isolated infrastructure to let models execute real-world code and query databases safely.
This transition requires a massive rewrite of enterprise software pipelines. The Laravel-Lang tag rewrite attack on May 22 and the Mini Shai-Hulud npm takeover on May 19 show that the package registry model remains highly vulnerable to automated exploitation. Attackers are no longer just typosquatting. They are hijacking GitHub release workflows and manipulating Composer caches. As developer agents write and pull dependencies automatically, securing the software supply chain has moved from a compliance check to a critical defense requirement.
See you next week.