Cognition Celebrates One-Year Anniversary of Windsurf Acquisition, ARR Grows to Hundreds of Millions
AI ProgrammingAcquisitionWindsurf
AI coding company Cognition released a public letter marking the one-year anniversary of its acquisition of Windsurf, reflecting on the 72-hour rapid deal closure and subsequent integration achievements. CEO Scott Wu stated that the team has launched dozens of new features, coding agents like Devin continue to evolve, the company's annual recurring revenue (ARR) has grown to the hundreds of millions of dollars, and progress has been made in frontier AI research. Team members including Jeff Wang shared emotional ups and downs during the acquisition and the collaborative building journey over the following year, highlighting the fast commercialization of the AI programming sector.
StepFun Unveils World's First Agent-Native Operating System Step AOS
Operating SystemAI AgentEdge-Cloud Collaboration
StepFun unveiled Step AOS, claimed to be the world's first Agent-native operating system, and introduced the 「three walls」 analytical framework: memory wall, decision wall, and action wall. It pointed out that traditional operating systems, due to application sandboxing, lack of edge-cloud coordinated scheduling, and Agents lacking legitimate system identities, prevent intelligent agents from becoming true system natives. StepFun advocates that 「AI-native OS」 differs from the plug-in approach of 「OS+AI」, where model capabilities can directly grow into system primitives, resulting in shorter transformation chains and deeper coupling. The first terminal product, STEPX Neo, runs on Step AOS and supports cross-application scheduling and multi-device task continuity.
Meta's Muse Spark AI Scores Perfect 30/30 in Asian Physics Olympiad Theory Exam, Ties Top Human Competitors
Meta AIAI for ScienceBenchmarking
Meta AI's Muse Spark model achieved a perfect score of 30/30 in the theoretical exam of the 2026 Asian Physics Olympiad, tying with the top three human contestants. Alexandr Wang and Meta officially confirmed the result, underscoring the model's capabilities in multimodal reasoning and solving complex physics problems. This marks another advancement by Meta in the AI for Science domain, following the earlier release of the paid model Muse Spark 1.1.
Hugging Face CEO Predicts Open Source Models Will Handle 90% of Token Usage Within 12 Months
Open Source ModelsAI TrendsToken Usage
Hugging Face CEO Clement Delangue predicts that as enterprises shift toward open source models for production use, open source models could handle 90% of token usage within the next 12 months. This forecast aligns with Vercel data showing that open-weight models already accounted for 29% of token usage on the AI gateway in June, yet represented less than 4% of spending, highlighting the significant cost-efficiency advantage driving enterprise adoption.
OpenAI Codex Surpasses 7 Million Weekly Active Users in Two Months, 150+ Updates Released
CodexOpenAIAI Programming
OpenAI announced major updates to Codex, reporting that weekly active users have exceeded 7 million, with over 150 updates rolled out in just two months. These include integration with GPT-5.6 and Ultra models, parallel workflows, faster computer operations, and mobile workflows. ChatGPT iOS now features Codex visualization, supporting real-time preview of generated charts and custom content; Codex can also generate complete PowerPoint presentations. Developer feedback indicates that the Soul model is recommended for the most challenging tasks, while Luna is suitable for routine tasks.
Study: Optimizing Global Configuration of Agent Systems Can Reduce Costs by 89%, Outperforming Simple LLM Routing
AI AgentCost OptimizationSystem Design
New research by UC Berkeley researcher Melissa Pan shows that optimizing the global configuration of Agent systems can reduce agent costs by 89% without sacrificing accuracy, outperforming simple LLM routing approaches. This finding aligns with the AI engineering community's shift from focusing solely on the Agent itself to emphasizing surrounding systems—known as Harness engineering. Multiple engineers stress that full Agent autonomy is neither reliable nor desirable at scale.
Ghostcommit Attack Uses Image-Hidden Prompt Injection to Trick AI Agents into Leaking Repository Files
AI SecurityPrompt InjectionMCP
Security researchers disclosed a new attack technique named 「Ghostcommit」, which uses images to hide prompt injection commands, tricking AI agents into reading and leaking sensitive files from code repositories. AI agents such as Cursor and Antigravity are affected, while Claude Code can detect this attack. Concurrently, xAI's Grok Build CLI was found to upload user file contents in full to its Google Cloud Storage servers, though there is no evidence these were used for training. Meanwhile, the AI SDK released new functionality to detect silent alterations to MCP tool descriptions, schemas, and titles.
Stanford Introduces TRACE Agent Training Framework, Turning Failures into Reinforcement Learning Environments
AI TrainingReinforcement LearningAI Biology
Researchers at Stanford University introduced TRACE, a capability-oriented agent training framework that transforms failed cases from cyclic agents into synthetic reinforcement learning environments. Concurrently, Stanford and the Arc Institute jointly released the open-source framework Proto, enabling researchers to combine multiple AI biology models through shared language to design proteins, DNA, and RNA, advancing AI applications in bioinformatics.
GitHub Dependabot Enforces Default Three-Day Cooling Period to Reduce Supply Chain Attack Risks
Development ToolsSupply Chain SecurityOpen Source
GitHub's Dependabot now defaults to waiting at least three days after a new version release before creating a pull request for version updates—a cooldown period that takes effect without any configuration. This practice adopts the security principle of 「dependency cooling」, aiming to defend against supply chain attacks that often exploit the immediate adoption window of new releases. Simon Willison has long advocated waiting before upgrading dependencies, arguing that this strategy effectively protects projects from compromised packages.