Welcome back! This week the AI industry handed us a live demonstration of its biggest unsolved problem. Anthropic built a model so capable at finding and exploiting vulnerabilities that they're refusing to release it publicly — and then scrambled to build a defensive program around it before anyone else gets there first. Google DeepMind published the first formal map of how AI agents get hijacked through ordinary web content. A startup raised $13M specifically because 74% of companies are deploying agentic AI with no governance model in place. And Meta quietly became a closed-source AI company for the first time. Big week. Let's get into it.

Anthropic Built a Model Too Dangerous to Release — So It Built a Program Around It:

Anthropic this week revealed Claude Mythos Preview, which it describes as "by far the most powerful AI we've ever developed." In just a few weeks of internal testing, Mythos autonomously identified thousands of zero-day vulnerabilities — including critical ones in every major operating system and web browser — and fully exploited a 17-year-old remote code execution flaw in FreeBSD with no human involvement after the initial prompt.

Anthropic is refusing to release it publicly because of what it can do. Instead, they launched Project Glasswing: a controlled initiative giving roughly 40 organizations — including Amazon, Apple, Cisco, Google, JPMorganChase, Microsoft, and Nvidia — access to Mythos Preview specifically for defensive security work, backed by up to $100M in usage credits and $4M in donations to open-source security organizations.

The framing is defensive, but the underlying signal is clear: a model that can autonomously find and exploit critical infrastructure vulnerabilities exists now, and the window between "only defenders have access" and "everyone does" is open.

Google Released Gemma 4 — Open Weights, Competitive at Benchmark

Google released Gemma 4 this week, describing it as "byte for byte, the most capable open model" available. The release continues Google's push to keep competitive open-weight models in market alongside its proprietary Gemini lineup. For teams that have been defaulting to proprietary APIs — not because they prefer them, but because open alternatives weren't competitive enough to justify the operational overhead — Gemma 4 is worth a fresh benchmark run.

The gap between open and closed model performance has been narrowing consistently for two years; this is another step in that direction, and it matters most for teams with data privacy requirements or cost sensitivity at scale.

Google DeepMind Mapped Six Ways to Hijack an AI Agent Through a Webpage:

On April 6, Google DeepMind researchers published the first systematic taxonomy of web-based attacks targeting AI agents — what they're calling "AI Agent Traps." The framework identifies six categories: content injection (hiding machine-readable payloads in HTML), semantic manipulation (feeding agents false assertions they accept as ground truth), cognitive state traps (poisoning long-term memory across sessions), behavioral control (coercing agents into unauthorized actions), systemic traps (exploiting cross-component interactions), and multi-agent traps (using coordinated agents to amplify effects).

The core insight is that autonomous agents parse web content differently than humans — they follow programmatic cues and ingest metadata invisible to human visitors, making them vulnerable to attacks that simply don't work on people reading the same page. If you're shipping anything agentic that touches external content, this taxonomy is worth reading before you ship.

A Startup Raised $13M Specifically to Secure AI Agents:
Trent AI emerged from stealth this week with $13M in seed funding to build security infrastructure for AI agents and autonomous workflows. The London-based startup was founded by former AWS engineers — CEO Eno Thereska, CTO Zhenwen Dai, and Chief Scientist Neil Lawrence, who is also an ML professor at Cambridge University. Their pitch is grounded in a real gap: a Deloitte survey found that while 74% of companies plan to deploy agentic AI within two years, only 21% report a mature governance model for autonomous agents.

Trent is building a layered platform to secure agents across their full lifecycle — not just at the perimeter. The fact that investors funded an entire company around this specific problem, led by infrastructure engineers rather than pure security researchers, says something about where the industry thinks the actual bottleneck is.

Meta Launched Muse Spark — and Quietly Dropped the Open-Source Playbook:

Meta this week launched Muse Spark, the first model out of its Superintelligence Labs division led by Alexandr Wang, built over nine months as a "ground-up overhaul" of its AI. The model is multimodal — accepting voice, text, and image inputs — and is already live at Meta.ai and the Meta AI app, with a rollout planned for Facebook, Instagram, and WhatsApp to replace the current Llama models powering them. Meta says it benchmarks on par with or better than leading models from OpenAI, Anthropic, and Google. But the bigger story is what Muse Spark isn't: open source. This is Meta's first proprietary model with no publicly available weights — a direct reversal of the open-source identity they've built since LLaMA 1. Whether this is a permanent strategic shift or a one-off for a specific deployment is the question worth watching.

What did you think of today's email?
Your feedback helps me create better emails for you! comment down 👇
Loved It 😊
It was ok 🙂
Could be better 🤔

Until next time - Teja Derangula,
The gap between thinking and building has shrunk — take advantage.