Simon Willison — Week of 2026-03-30 to 2026-04-03#

Highlight of the Week#

This week highlighted a monumental shift in the open-source security landscape, marking the sudden end of “AI slop” security reports and the arrival of a tsunami of high-quality, AI-generated vulnerability discoveries. High-profile maintainers of the Linux kernel, cURL, and HAPROXY are reporting an overwhelming influx of legitimate bugs found by AI agents, fundamentally altering the economics of exploit development and forcing open-source projects to rapidly adapt to a massive increase in valid bug reports.

Engineering @ Scale — 2026-04-14#

Signal of the Day#

To prevent API endpoints from exhausting an LLM’s context window, Cloudflare introduced a “Code Mode” architectural pattern for Model Context Protocol (MCP) servers that collapses thousands of tools into just two: a search function and a sandboxed JavaScript execution function. This progressive tool disclosure approach reduced their internal token consumption by 94% and offers a highly scalable model for hooking enterprise APIs to autonomous agents.

Engineering @ Scale — Week of 2026-04-03 to 2026-04-10#

Week in Review#

This week, the industry rapidly shifted from conversational AI paradigms to formal “Agentic Infrastructure,” prioritizing strict deterministic guardrails over massive, unstructured context windows. Top organizations are aggressively fracturing monolithic processes—whether it is breaking down massive LLM prompts into specialized sub-agents, federating sprawling databases, or shifting compute-heavy security mitigation entirely to the network edge—to manage the unbounded scaling demands of machine actors.

Apple Ecosystem Daily — 2026-04-09#

Highlights#

Today’s news cycle is characterized by critical software refinements and fascinating hardware modifications. Apple released bug-fixing updates across its operating systems and professional creative apps, while also expanding its Self Service Repair program to accommodate its newest hardware releases. Concurrently, the enthusiast community demonstrated the hardware hackability of the new MacBook Neo, and security researchers shed light on both Apple Intelligence vulnerabilities and law enforcement data extraction techniques.

Apple — Week of 2026-04-04 to 2026-04-10#

Week in Review#

This week’s news was dominated by concrete leaks surrounding the highly anticipated foldable “iPhone Ultra” and the massive market success of the budget-friendly MacBook Neo. On the software and AI fronts, Apple deployed critical fixes for Apple Intelligence and iCloud, while reportedly preparing a standalone, Gemini-powered Siri app for iOS 27.

Top Stories#

Foldable “iPhone Ultra” Enters Trial Production · Hardware Leaks Apple’s highly anticipated foldable device, tentatively named the “iPhone Ultra,” has reportedly entered trial production and is slated for a September launch. Leaks reveal an ultra-thin 4.5mm titanium, passport-style chassis that sacrifices Face ID for a side-button Touch ID, utilizing exclusive Samsung OLED panels. The premium device is expected to command a price tag crossing the $2,000 threshold.

Simon Willison — 2026-04-07#

Highlight#

Anthropic’s decision to restrict access to their new Claude Mythos model underscores a massive, sudden shift in AI capabilities. It is a fascinating look at an industry-wide reckoning as open-source maintainers transition from dealing with “AI slop” to facing a tsunami of highly accurate, sophisticated vulnerability reports.

Posts#

[Anthropic’s Project Glasswing - restricting Claude Mythos to security researchers - sounds necessary to me] · Source Anthropic has delayed the general release of Claude Mythos, a general-purpose model similar to Claude Opus 4.6, opting instead to limit access to trusted partners under “Project Glasswing” so they can patch foundational internet systems. Simon digs into the context, tracking how credible security professionals are warning about the ability of frontier LLMs to chain multiple minor vulnerabilities into sophisticated exploits. He even uses git blame to independently verify a 27-year-old OpenBSD kernel bug discovered by the model. He concludes that delaying the release until new safeguards are built, while providing $100M in credits to defenders, is a highly reasonable trade-off.

Engineering @ Scale — 2026-04-07#

Signal of the Day#

By implementing an LLM-based risk classifier as an executable guardrail, Vercel successfully automated 58% of monorepo pull request merges without increasing revert rates. This demonstrates that mature codebases often suffer from review capacity misallocation rather than a lack of verification capability, making automated risk routing a highly effective scaling lever.

Simon Willison — 2026-04-03#

Highlight#

The overarching theme today is the sudden, step-function improvement in AI-driven vulnerability research. Major open-source maintainers are simultaneously reporting that the era of “AI slop” security reports has ended, replaced by an overwhelming tsunami of highly accurate, AI-generated bug discoveries that are drastically changing the economics of exploit development.

Posts#

Vulnerability Research Is Cooked · Source Highlighting Thomas Ptacek’s commentary, Simon notes that frontier models are uniquely suited for exploit development due to their baked-in knowledge of bug classes, massive context of source code, and pattern-matching capabilities. Since LLMs never get bored constraint-solving for exploitability, agents simply pointing at source trees and searching for zero-days are set to drastically alter the security landscape. Simon is tracking this trend closely enough that he just created a dedicated ai-security-research tag to follow it.

Simon Willison — 2026-04-05#

Highlight#

Simon highlights a deep-dive post by Lalit Maganti on the realities of “agentic engineering” when building a robust SQLite parser. The piece beautifully articulates a crucial lesson for our space: while AI is incredible at plowing through tedious low-level implementation details, it struggles significantly with high-level design and architectural decisions where there isn’t an objectively right answer.

Posts#

Eight years of wanting, three months of building with AI Simon shares a standout piece of long-form writing by Lalit Maganti on the process of building syntaqlite, a parser and formatter for SQLite. Claude Code was instrumental in overcoming the initial hurdle of implementing 400+ tedious grammar rules, allowing Lalit to rapidly vibe-code a working prototype. However, the post cautions that relying on AI for architectural design led to deferred decisions and a confusing codebase, ultimately requiring a complete rewrite with more human-in-the-loop decision making. The core takeaway is that while AI excels at tasks with objectively checkable answers, it remains weak at subjective design and system architecture.

Simon Willison — Week of 2026-04-04 to 2026-04-10#

Highlight of the Week#

Anthropic’s decision to delay the general release of their highly capable Claude Mythos model under “Project Glasswing” marks a significant turning point in the AI industry. The move underscores a massive shift in frontier model capabilities, as models evolve from generating text to autonomously chaining multiple minor vulnerabilities into sophisticated exploits, requiring a new level of security safeguards before release.