← All briefings
📰

subtl daily briefing

Share𝕏in
AllAICryptoSaaSFinanceStartups

Good morning, builders. The AI arms race just shifted into a new gear — OpenAI dropped GPT-5.5 exactly one week after Anthropic's Opus 4.7, while Anthropic quietly crossed a $1 trillion valuation and DeepSeek unveiled a 1.6 trillion parameter monster. Meanwhile, Meta is literally turning its employees into AI training data while laying off 8,000 of them — a story you won't want to skip.

In today's briefing

  • 1.GPT-5.5 Launches, Anthropic Hits $1T
  • 2.Meta Monitors Workers to Train AI Replacements
  • 3.DeFi United Raises ETH After Kelp Exploit
  • 4.AI Security Threats Escalate on Multiple Fronts
  • 5.SaaS Pricing Under Pressure From Claude Integrations
  • Quick hits on other news
Latest Developments
AI

🤖GPT-5.5 Goes Live as AI Labs Enter a Weekly Launch Cycle

The Rundown: OpenAI launched GPT-5.5 with advanced agentic capabilities just one week after Anthropic's Opus 4.7, while Anthropic quietly crossed a $1 trillion valuation — surpassing OpenAI itself.

The details:

  • GPT-5.5 scores 82.7% on Terminal-Bench 2.0, is priced at $5/M input tokens, features a 1M token context window, and is live in ChatGPT and Codex now.
  • OpenAI Workspace Agents automate Slack and team workflows for free until May 6, 2026 on Business, Enterprise, Edu, and Teachers plans.
  • Anthropic surpassed OpenAI with a $1 trillion valuation on Forge Global, driven by Claude Code adoption and scarce available shares.
  • DeepSeek V4-Pro launched with 1.6 trillion parameters and a 1M token context window, while DeepSeek is in talks to raise at a $20B valuation backed by Tencent and Alibaba. Qwen3.6-27B also beat Alibaba's own 397B model on SWE-bench (77.2 vs 76.2) while running on just 18GB VRAM.
Why it matters: The weekly launch cadence between OpenAI and Anthropic is compressing the evaluation cycle for founders and buyers dramatically — yesterday's benchmark leader is obsolete by next Thursday. For SaaS builders, the bigger signal is Anthropic's $1T valuation without being publicly traded: Claude Code is generating enterprise revenue fast enough to justify it. If you're building on top of these models, the switching cost question just became your most important product decision.

📰 Source: TLDR, AlphaSignal, The Neuron, Techpresso

Share𝕏in
AI

🕵️Meta Installs Keylogger Software on Employee Computers to Train AI — Then Lays Off 8,000

The Rundown: Meta installed invasive monitoring software called MCI on employee computers to capture every mouse movement and keystroke as training data for AI agents, while simultaneously announcing layoffs of 10% of its workforce.

The details:

  • Meta's MCI software captures every mouse movement, click, and keystroke on employee machines — the workflow data is used to train AI agents designed to automate those same jobs.
  • Meta is cutting 8,000 jobs and cancelling 6,000 open roles to redirect funds toward up to $135 billion in AI infrastructure spending this year, with layoffs effective May 20.
  • A $14.3 billion Scale AI partnership reflects the broader industry shift toward harvesting human workflow data as accessible text for model training becomes scarce.
  • The practice mirrors historical Taylorism — where factory workers were timed and analyzed to optimize production — now applied to knowledge workers at scale.
Why it matters: This is the starkest articulation yet of where the enterprise AI transition is headed: workers are simultaneously the training set and the workforce being replaced. For founders, it's a warning about the data moats forming inside big tech — Meta will have proprietary behavioral datasets that no startup can replicate. It also signals that enterprise software selling 'productivity AI' needs to think carefully about the ethics and optics of data collection, because regulators and workers are watching.

📰 Source: Casey Newton, MIT Technology Review, Techpresso

Share𝕏in
Security

🔐AI Security Threats Escalate: Autonomous GCP Hack, npm Worm, and Bitwarden Compromise

The Rundown: A week of serious security incidents saw an AI agent autonomously breach a GCP environment end-to-end, a self-propagating npm worm steal developer credentials, and the Bitwarden CLI npm package briefly compromised.

The details:

  • The Zealot AI multi-agent system autonomously breached a GCP environment — from network recon to SSRF exploitation to BigQuery data exfiltration — without any human intervention.
  • A worm-like npm supply-chain attack targeting Namastex Labs packages is stealing developer credentials, API keys, and crypto wallets while self-propagating to PyPI — immediate secret rotation is required.
  • The Bitwarden CLI npm package was briefly compromised via a malicious credential stealer exploiting a Checkmarx GitHub Action, targeting npm tokens, GitHub tokens, SSH keys, and cloud credentials.
  • Microsoft issued an emergency patch for CVE-2026-40372 in ASP.NET Core on macOS/Linux, requiring admins to upgrade, rotate the DataProtection key ring, and revoke all long-lived tokens issued while vulnerable.
Why it matters: The Zealot demonstration is the most alarming item here for enterprise security teams — autonomous AI attackers that can chain recon, exploitation, and exfiltration without human direction represent a step-change in threat sophistication. For founders building on cloud infrastructure, the combined npm worm and Bitwarden compromise is a reminder that your supply chain and credential management are now primary attack surfaces. Rotate secrets today, not after an incident.

📰 Source: TLDR InfoSec, TLDR

Share𝕏in
🔥 Synthesized from 2 sources

🏦DeFi United Raises 73,700 ETH After Kelp Bridge Exploit Creates 163,200 ETH Hole

The Rundown: The DeFi United recovery fund has filled roughly 45% of the 163,200 ETH deficit caused by the April 18 Kelp bridge exploit, with Aave's treasury potentially contributing another 25,000 ETH via a new TokenLogic proposal.

The details:

  • Aave launched the DeFi United relief fund alongside Lido and other providers after the Kelp bridge exploit left rsETH underbacked by over 100,000 ETH.
  • The fund has raised 73,700 ETH of the 163,200 ETH hole, with a new TokenLogic proposal to contribute 25,000 ETH from Aave's treasury.
  • Circle proposed emergency rate changes to unfreeze Aave's USDC pool stuck at 99.87% utilization since the attack.
  • Tether froze $344 million USDT on Tron at U.S. law enforcement request tied to alleged illicit activity — a separate but concurrent stress on DeFi liquidity.
Why it matters: The coordinated DeFi United response is a meaningful test of whether decentralized ecosystems can self-organize around systemic risk without a central backstop. If the fund closes the gap, it sets a precedent for protocol-level mutual insurance that could make DeFi significantly more attractive to institutional capital. The simultaneous Tether freeze, however, is a reminder that regulatory intervention in stablecoin infrastructure can freeze liquidity instantly — a structural risk that no recovery fund can hedge against.

Sources: The Defiant +1 other

Share𝕏in
SaaS

💸Claude Is Now Being Used to Kill SaaS Renewals — By Up to 45%

The Rundown: AI tools like Claude are increasingly being used by enterprise buyers to replicate vendor features at a fraction of the cost, triggering aggressive SaaS renewal renegotiations and putting pricing pressure across the software stack.

The details:

  • A real Claude integration replicated 95% of a vendor's AI features at 15% of the token cost, causing a customer to slash their SaaS renewal price by 45%.
  • Coding agents on Ramp's platform showed 13x token spend growth since January 2025, with the only effective cost control being routing approval decisions to a separate model rather than self-auditing.
  • The probabilistic founder framework argues for running ten cheap experiments instead of one expensive plan, using deliberately light roadmaps to ship results in days rather than quarters.
Why it matters: This is the SaaS pricing story that every founder and investor needs to internalize now. When a customer can use Claude to replicate your core feature set at 15 cents on the dollar, your moat is no longer your features — it's your data, your integrations, your network effects, and your switching costs. If your renewal conversations are starting to include 'we could just build this with Claude,' you have maybe two quarters to differentiate or reprice before it becomes a churn number.

📰 Source: TLDR Founders

Share𝕏in

Everything else in the news today

Bitcoin surged above $79,000, up 24% since the U.S.-Iran war began, with spot Bitcoin ETFs pulling in $4.5B in net inflows over the same period.
NY Attorney General Letitia James sued Coinbase and Gemini for operating unlicensed prediction markets, seeking profit disgorgement and a ban on products for users under 21.
Stripe and DoorDash moved stablecoin payments into production on Tempo, processing $10B+ annualized volume across Latin America with sub-second finality.
GSR launched the Crypto Core3 ETF (BESO) on Nasdaq offering BTC/ETH/SOL exposure with staking reward pass-through.
Z.ai released GLM-5.1, a 754B parameter open-weights MoE model that can autonomously run coding tasks for up to 8 hours, topping the Artificial Analysis Intelligence Index for open-weights models at $1.40/$4.40 per million tokens.
Band emerged from stealth with $17M to build a universal orchestration layer enabling AI agents across different frameworks and clouds to discover, delegate, and collaborate.
Anthropic's Mythos cybersecurity model surfaced thousands of vulnerabilities across major OSes and browsers, prompting Australia to raise concerns the tool could accelerate sophisticated attacks.
Claude now integrates with AllTrails, Instacart, and TripAdvisor for seamless task completion without leaving the chat interface.
Cognition AI (maker of Devin) is in talks to raise at a $25B valuation.
Kubernetes v1.36 shipped with 70 enhancements including fine-grained kubelet API authorization, user namespaces, and deprecation of the vulnerable externalIPs field.
Pyroscope 2.0 eliminates write-path replication and reduces symbol storage by 95%, making continuous profiling dramatically cheaper at scale.
ChatGPT Images 2.0 is now live across all major Figma products including Design, FigJam, Slides, and Weave.
Instagram is testing a standalone app called Instants for unedited, once-viewable disappearing photos to compete with Snapchat and BeReal.
AI systems now apply a 'bland tax' that filters generic content from search results — brands without distinct identity are disappearing from AI-driven discovery.
The Ethereum Foundation completed a 10,000 ETH OTC sale to BitMNR at $2,387/ETH (~$23.87M) as markets remained calm.
📰TodayFeed📡Signals💰Capital