Skip to content
← All briefings

Briefing · Jul 14

Microsoft's largest-ever Patch Tuesday fixes 570 flaws including 3 zero-days and 141 RCE bugs

AI

OpenAI's GPT-5.6 demand surges as Altman warns of possible scaling hiccups

Sam Altman signaled that OpenAI's newest model, GPT-5.6, is experiencing extraordinary adoption, calling its growth rate "insane" and praising the inference team for heroic work keeping up with demand. He cautioned, however, that the company may face some service hiccups as it races to scale infrastructure to match usage.

The real-world strain of that demand is already visible among developers. One builder reported tasking GPT-5.6 on a five-stage overnight job only to find it had stalled at stage zero by morning, pointing to reliability challenges that accompany the model's rapid rollout.

Demis Hassabis publishes piece on frontier AI ecosystem; Satya Nadella amplifies call for innovation and safety

Google DeepMind CEO Demis Hassabis published a piece on building a healthy frontier AI ecosystem, arguing for structures that promote innovation and choice while preventing any single model release from causing catastrophic disruption. Microsoft CEO Satya Nadella highlighted the essay approvingly, calling it important thinking the industry needs more of.

Consumer Tech & Gadgets

Apple Accuses OpenAI of Trade Secret Theft; OpenAI Denies Any Merit to Claims

Apple has filed allegations accusing OpenAI of trade secret theft, a claim OpenAI swiftly and firmly denied. In a new statement, OpenAI said it was not aware of any evidence supporting the complaint, adding that it believes in fair competition and employees' freedom to work wherever they choose. Bloomberg's Mark Gurman was skeptical the dispute reflects any meaningful ongoing commercial relationship between the two companies, suggesting any Apple-OpenAI conversation either went nowhere or has long since stalled.

Samsung's New 990 Pro SSD Is Both Pricier and Slower Than Its Predecessor

Samsung's newly released 990 Pro SSD has drawn criticism for being simultaneously more expensive and slower than the original model it replaces, a combination that Engadget noted is a notable step backward for a flagship storage product in 2026.

Dev Tools & Infrastructure

Bun's next release cuts memory usage by 32% and drops idle CPU by 5x

The Bun JavaScript runtime team announced two back-to-back performance improvements landing in its next release: memory consumption drops by up to 32%, and idle CPU usage falls by a factor of five. The gains are notable for server-side workloads where Bun competes directly with Node.js and Deno on efficiency, and the announcements drew over a thousand combined likes — a strong signal of developer interest in the runtime.

Next.js commits to pre-announcing security releases on a predictable schedule

Next.js announced it will begin giving advance notice before publishing security releases, a process change aimed at giving teams time to prepare patches and upgrades rather than being caught off guard. The move follows a period of scrutiny over how the framework has handled vulnerability disclosures, and the team published a dedicated page with details on the new policy.

Cloudflare deploys EDE 33 error code after DNSSEC failure took down Albania's .AL domain

Cloudflare disclosed that a broken DNSSEC rollover recently knocked Albania's entire .AL top-level domain offline, prompting the company to deploy a Negative Trust Anchor on its 1.1.1.1 resolver to keep affected sites reachable. To address the transparency gap that comes with bypassing DNSSEC validation, Cloudflare says 1.1.1.1 now returns Extended DNS Error code 33, a new signal that explicitly tells clients validation was intentionally skipped rather than leaving them to guess.

Gaming

Riot Games announces League of Legends Classic, a nostalgia-focused version of the 15-year-old MOBA

Riot Games has unveiled League of Legends Classic, a new version of its massively popular MOBA that strips the game back to how it played more than 15 years ago. The announcement signals a growing industry trend of studios leaning into nostalgia to re-engage lapsed players, and is likely to draw significant attention from the game's enormous global player base.

PlayStation delays FlexStrike wireless fight stick launch indefinitely due to production issues

PlayStation has pushed back the release of its FlexStrike wireless fight stick to an unannounced future date, citing a lag in production. The peripheral had been one of Sony's more anticipated hardware additions for fighting game fans, and the open-ended delay offers no new target window.

Analyst argues GTA 6 should cost $200; Ubisoft earns $1M from AC Black Flag Resynced day-one DLC despite backlash

Game pricing is in the spotlight on two fronts. Analyst Ben Thompson publicly argued that Rockstar should charge $200 for Grand Theft Auto 6, contending that the game represents a decade of human effort completed before AI tools became widespread, making its $80 price tag less than half its true value in his view.

Meanwhile, Ubisoft has quietly earned an extra $1 million on Steam from Assassin's Creed Black Flag Resynced's day-one DLC, even as players have pushed back sharply against optional packs that collectively cost $85 — more than the base game itself.

Security

Microsoft's largest-ever Patch Tuesday fixes 570 flaws including 3 zero-days and 141 RCE bugs

Microsoft released what it is calling its largest Patch Tuesday on record, addressing 570 vulnerabilities in a single update cycle. The release includes patches for three zero-day flaws, two of which are actively being exploited in the wild, along with 141 remote code execution vulnerabilities. Microsoft had previously signaled that patch volumes would increase as it began using AI tooling to surface security flaws before attackers can find them.

Separately, CISA issued an alert warning that threat actors are actively exploiting authentication-bypass and remote code execution vulnerabilities in on-premises Microsoft SharePoint Server deployments, publishing specific CVEs alongside detection and remediation guidance. Microsoft also rolled out cumulative updates for Windows 10 and Windows 11 as part of the same cycle, and issued an extended security update package for Windows 10 under its paid ESU program.

Progress Software confirms zero-day behind ShareFile Storage Zone outage; service now restored

Progress Software confirmed that a high-severity zero-day vulnerability in ShareFile Storage Zone Controllers was responsible for a recent shutdown of the service. The company said it patched affected versions 5.x and 6.x and found no evidence that accounts or data were accessed during the incident. No CVE number or attributed threat actor has been publicly identified, and Progress has since restored the Storage Zone Controllers.

SAP patches critical CVSS 9.9 NetWeaver ABAP flaw alongside hardcoded OAuth credential bug in Commerce Cloud

SAP released fixes for a pair of serious vulnerabilities in its enterprise software suite. The more severe of the two is a CVSS 9.9-rated flaw in NetWeaver ABAP that could allow an authenticated attacker to read or modify data or take systems offline. The same update addresses a Commerce Cloud vulnerability stemming from publicly documented sample OAuth credentials that were left unchanged in production environments, a configuration mistake that could give attackers a straightforward path to access.

Startups & Funding

YC-backed Singularity Defense raises $80M Series A at $400M valuation for low-cost missile interceptors

Singularity Defense, a Y Combinator-backed defense startup founded by SpaceX, Tesla, Anduril, and Lockheed alumni, has closed an $80 million Series A at a $400 million valuation. The company is building low-cost missile-based air defense interceptors designed to be manufactured at automotive scale — a direct response to what YC partner Jared Friedman described as a critical gap in scalable U.S. air defense capability, citing Iran's recent attacks as a real-world demonstration of the vulnerability.

Hebbia CEO argues AI agents cost $80/hour on average but vary wildly, challenging the labor-replacement narrative

Hebbia CEO George Sivulka, in a widely shared a16z conversation, pushed back on the conventional wisdom that AI is eliminating human jobs, arguing instead that humans have become cheaper than software in many contexts. For median firms, Sivulka pegs agent costs at roughly $80 per hour — on par with a software engineer — but notes the range is extreme, from as little as $4 per hour to as much as $7,000 per hour depending on how agents are managed, suggesting that the economics of AI labor are far from settled and highly sensitive to deployment decisions.