PrismML’s 1‑bit LLMs Rise as Anthropic Code Leak Raises Alarms

AI & Machine Learning

PrismML emerged from stealth this week with its “Bonsai” family of 1‑bit‑weight language models, announcing an 8.2B‑parameter Bonsai 8B that the company says fits into roughly 1.15 GB of memory and can run on devices ranging from Macs to phones. The startup positions the 1‑bit approach as a step change for on‑device and low‑resource deployment, enabling more capable LLMs outside large data centers and potentially reducing inference cost and latency for edge applications. PrismML’s announcement highlights a broader push toward quantization techniques that trade minimal accuracy for dramatic reductions in model size and resource needs, which could accelerate private, offline AI experiences. The move will likely spur attention from mobile and embedded device makers as well as competitors working on efficient model formats. Source: PrismML Verified: True

OpenAI published a retirement schedule for several legacy ChatGPT and API models, including GPT‑4o, GPT‑4.1, GPT‑4.1 mini and o4‑mini, removing those endpoints from general availability while maintaining limited access for some business and enterprise customers during transition windows. The company framed the deprecation as part of consolidating users onto its newer GPT‑5.x line and simplifying its model portfolio to focus development and support efforts. For developers and organizations, the change requires migration planning to updated endpoints and may affect workflows that relied on the older variants’ specific behavior or latency/cost tradeoffs. OpenAI’s move is consistent with typical model lifecycle management but could create short‑term integration and billing impacts for customers who have not yet migrated. Source: OpenAI Verified: True

Consumer Hardware

Google began rolling out its March/April 2026 firmware update for Pixel Watch LTE models, targeting LTE connectivity and stability fixes specific to those variants. The patch continues Google’s regular cadence of monthly and quarterly device updates and is aimed at improving call reliability, cellular handoffs, and battery performance for LTE users. Users with LTE Pixel Watches should see the update arrive over the air and are advised to install it to benefit from the fixes and any security patches included. The release underlines the ongoing importance of firmware maintenance for wearables as they take on more standalone cellular functionality. Source: 9to5Google Verified: True

Cybersecurity

Anthropic accidentally published roughly half a million lines of source code for its Claude Code product via an npm package that included source maps, creating a large exposure of internal code and marking a second high‑profile leakage incident for the company in recent weeks. The incident raises questions about internal release controls, build processes, and how source maps or other development artifacts are handled before public publishing. Security researchers and competitors could use the leaked material to find vulnerabilities or reproduce proprietary techniques, and Anthropic faces potential IP and operational fallout as it investigates scope and remediation. The leak underscores how modern build pipelines can inadvertently disclose sensitive assets if safeguards and automated checks are not enforced. Source: Los Angeles Times Verified: True

Researchers and vendors warned of a critical Citrix NetScaler ADC and Gateway vulnerability (CVE‑2026‑3055) that can cause memory overreads when NetScaler is configured as a SAML identity provider, potentially leaking sensitive memory contents. Reports described active reconnaissance and exploitation attempts in the wild and prompted Citrix to issue advisories with fixes and mitigation guidance for administrators. Given the attack surface of NetScaler in many enterprise perimeters, security teams were strongly urged to apply vendor patches or implement workarounds immediately to reduce exposure. The incident is a reminder of the persistent risk posed by widely deployed network appliances and the speed at which attackers probe for newly disclosed flaws. Source: The Hacker News Verified: True

Google released emergency Chrome updates addressing 21 vulnerabilities, including an actively exploited high‑severity zero‑day in the WebGPU “Dawn” component tracked as CVE‑2026‑5281, marking the fourth Chrome zero‑day fixed so far in 2026. The update is being pushed broadly and users are urged to update immediately to mitigate in‑the‑wild exploitation that could lead to code execution or information disclosure. The frequency of high‑severity browser zero‑days this year highlights both attackers’ focus on browser components and the importance of rapid patch deployment in enterprises and consumer systems. IT teams should prioritize the Chrome rollout and verify version compliance to reduce end‑user risk. Source: BleepingComputer Verified: True

Mercor, an AI recruiting startup, confirmed it was among “thousands” of organizations impacted by a supply‑chain compromise tied to the open‑source LiteLLM project, where attackers distributed trojanized upstream code to downstream users. The compromise allowed attackers to access internal systems and data at some impacted organizations, underscoring the systemic risk created by widespread reuse of shared open‑source tooling in AI development. For startups relying on community libraries and model tooling, the incident is a stark reminder to enforce supply‑chain controls, reproducible builds, and dependency vetting. The campaign also raises broader questions about governance and trust models for critical AI infrastructure components. Source: The Register Verified: True

Enterprise Infrastructure

Microsoft announced three new foundation models available via Microsoft Foundry and the MAI Playground, including transcription and voice models intended for enterprise customers and cloud‑native AI deployments. The release expands Microsoft’s model catalog and signals an intensifying effort to provide multimodal and voice capabilities tightly integrated with its enterprise tooling and cloud services. By bringing these models into Foundry and MAI Playground, Microsoft aims to simplify enterprise adoption and compete with other large AI platform providers on both model breadth and deployment flexibility. The move is likely to accelerate enterprise pilots that need integrated speech and transcription features alongside text and vision models. Source: TechCrunch Verified: True

Reporting indicates Elon Musk and SpaceX are exploring an IPO in part to fund ambitious plans for orbital data centers that would host AI workloads, a proposal that faces significant technical, financial and regulatory hurdles. Analysts compared the idea to earlier undersea and space infrastructure efforts, noting that launching, maintaining and regulating computing facilities in orbit presents unresolved cost and latency tradeoffs versus terrestrial cloud regions. Proponents argue orbital centers could offer unique capabilities for sensor integration or resilience, while critics highlight power, cooling, and lawful data‑jurisdiction complexities. The discussion underscores an emerging intersection of space tech and cloud infrastructure as companies look for new ways to scale compute for AI workloads. Source: Reuters Verified: True

Policy & Regulation

The U.S. Federal Trade Commission opened a public comment period on Northrop Grumman’s petition to modify a prior final order tied to conditions imposed after the Orbital ATK acquisition, signaling renewed regulatory scrutiny and an opportunity for stakeholders to weigh in. The FTC’s call for public input is part of a process that could reopen or adjust enforcement remedies, affecting merger conditions and future compliance obligations for the company. Public comments will inform whether the agency grants the petition and could set precedent for how legacy remedies are revisited as markets and corporate structures evolve. Observers say the move illustrates the agency’s continued willingness to revisit past orders where changing circumstances or new evidence warrant reconsideration. Source: FTC Verified: True