Stack layer / Threat pattern
Simon Willison Flags Tencent's Hy3 — a 295B Apache-2.0 Open MoE That Rivals GLM-5.2 and DeepSeek-V4, Free on OpenRouter Until July 21
simonwillison.net
Policy dependency / Stack layer
IAPS warns on Kimi Claw: security and governance risks of Chinese-hosted 'always-on' AI agents
IAPS
Threat pattern / Contrast
Kenton Varda declares a moratorium on AI-written PR and commit descriptions
Simon Willison's Blog
Stack layer / Threat pattern
Armadin details full sandbox escape in Anthropic's Claude Cowork; Anthropic disputes, silently patches
SiliconANGLE
Threat pattern
Simon Willison: Bun's Zig-to-Rust Rewrite Was Largely Done by Claude Agents
simonwillison.net
Stack layer / Threat pattern
Simon Willison builds a github-code Web Component with GPT-5.5
Simon Willison's Blog
Stack layer / Threat pattern
Jarred Sumner publishes the Bun Zig-to-Rust rewrite writeup
Simon Willison's Blog
Stack layer / Threat pattern
Claude Code v2.1.203 and v2.1.204 Add Login-Expiry Warnings and Fix Headless Hook Streaming
Claude Code Docs