Research Ecosystem: Morning Brief
Two-week window across 79 tracked feeds, scored against active research threads. Metadata only: titles, links, dates. Read the source for substance. (what we track, how we crawl, subscribe)
Two security stories define the set. Hackers asked Meta AI to hand over Instagram accounts – and it worked. And Anthropic confidentially filed an S-1 with the SEC while multiple npm packages were compromised via Red Hat's cloud services. Meanwhile Schneier frames vulnerability disclosure in the age of AI, LWN covers an AI agent that ported a Python codebase to Rust, and the jank language brings ray tracing to the Clojure ecosystem.
Top (5-7 min)
- Hackers Asked Meta AI for Instagram Access. It Worked.
- 404 Media, 2026-06-01. Social engineering an AI assistant into granting account access. The agent- security thread's most concrete failure mode yet – not prompt injection, just asking politely.
- Anthropic confidentially submits draft S-1 to the SEC
- Anthropic, 2026-06-01. The IPO filing follows the $965B Series H. The capital structure beneath the agent ecosystem is now public-market-bound.
- Multiple redhat-cloud-services npm packages compromised
- LWN, 2026-06-01. Supply-chain attack on Red Hat's npm packages. Continues the protestware-for- agents thread – the npm registry as an attack surface.
- Vulnerability Disclosure in the Age of AI
- Schneier, 2026-06-01. The disclosure framework that worked for human researchers doesn't map to agent-discovered vulnerabilities. The governance gap.
- An AI agent ported our codebase from Python to Rust
- LWN, 2026-06-01. Practitioner report on a full-codebase migration by agent. The porting quality question that connects to the Zig ban and oral-tradition threads.
Themes this week
- Agent security: the social engineering surface
- hackers asked Meta AI for Instagram access and got it, npm packages compromised via Red Hat cloud services, and ICE's spyware contract is almost fully redacted under FOIA. The attack surface is no longer just prompt injection – it's social engineering of AI assistants, supply-chain poisoning, and institutional opacity.
- Anthropic goes public-market
- the S-1 filing follows the $965B raise. Schneier's vulnerability disclosure framing and Citizen Lab's chilling effects analysis land in the same window – the governance conversation that a public Anthropic will have to answer.
- The agent-as-porter question
- LWN's Python-to-Rust migration by agent, Amazon shutting down its internal AI leaderboard after cheating, and the Cloudflare boot-time optimization report. What agents can and can't do at infrastructure scale.
Scan (15 min)
- Agents and harnesses
- Hackers asked Meta AI for Instagram access. It worked., 404 Media, 06-01
- Simon Willison on the Meta AI hack, Simon Willison, 06-01
- Auto-review Run Mode, Cursor, 05-29
- Claude Code v2.1.160, Claude Code releases, 06-02
- Pasted File Editor, Simon Willison, 06-02
- Why Video Agent models are next, Latent Space, 06-01
- AI labs and models
- Anthropic files draft S-1 with SEC, Anthropic, 06-01
- NVIDIA Cosmos 3 for Physical AI, Hugging Face, 06-01
- NVIDIA Cosmos 3, Nemotron 3 Ultra, and RTX Spark, Latent Space, 06-02
- Mellum2: a 12B MoE Model by JetBrains, Hugging Face, 06-01
- Open and closed models are on different exponentials, Interconnects, 06-01
- Our views on AI policy and political advocacy, OpenAI, 06-01
- Corp engineering and infrastructure
- How we reduced core unit boot time from hours to minutes, Cloudflare, 06-01
- Debunking 8 data layout myths: Liquid Clustering, Databricks, 06-01
- Neon: 5x more data transfer in paid plans, Neon, 06-01
- New DuckDB-Iceberg Features in v1.5.3, DuckDB, 05-29
- We're building the boring backend for apps and agents, Neon, 05-28
- Eval, safety, governance
- Vulnerability Disclosure in the Age of AI, Schneier, 06-01
- Testing Gemini models for scheming tendencies, Alignment Forum, 05-29
- A shared playbook for trustworthy third party evaluations, OpenAI, 05-29
- Beyond LLMs: Why Scalable Enterprise AI Depends on Agent Logic, Hugging Face, 06-01
- Supply chain and systems security
- Multiple redhat-cloud-services npm packages compromised, LWN, 06-01
- Protestware for coding agents, LWN, 05-29
- Protecting against token theft, Vercel, 05-29
- A loadable crypto module for FIPS certification, LWN, 05-29
- Surveillance and critique
- Chilling Effects of Trump's War on Free Speech, Citizen Lab, 06-01
- We Sued ICE for Its Spyware Contract. They're Redacting Everything., 404 Media, 06-01
- AI Grifters Making Anti-Data Center Slop With AI, 404 Media, 06-01
- Amazon Shuts Down AI Leaderboard After Employees Cheated, 404 Media, 06-01
- Systems, BSD, kernel
- An AI agent ported our codebase from Python to Rust, LWN, 06-01
- Reconsidering x32 – again, LWN, 06-01
- Representing the true signatures of kernel functions, LWN, 06-01
- Kernel prepatch 7.1-rc6, LWN, 06-01
- DistroWatch turns 25, LWN, 06-01
- On Reading SRAMs in IR Images, and Establishing Bounds on Trust, Bunnie, 05-31
- Aviation
- Wake Island reemerges to support classified U.S. missions, The Air Current, 06-01
- Airbus Next New Airplane Part 3: The Technobricks, Leeham, 06-01
- FAA expects commercial eVTOL ops under pilot program, The Air Current, 05-29
- Clojure and Scheme
- Tracing rays with jank, Planet Clojure, 06-01
- Fast HTML-to-Markdown extraction for LLMs (r11y), Planet Clojure, 05-29
- cljs-ajax 0.9.0-beta1, Planet Clojure, 05-30
- Structural diffing in Emacs; deterministic agent harnesses, Planet Clojure, 05-28
Tail
- May 2026 newsletter, Simon Willison, 06-01
- The solution might be cancelling my AI subscription, Simon Willison, 05-31
- Molly Crabapple's 'Here Where We Live Is Our Country', Pluralistic, 06-01
- Welcome New EFF Executive Director Nicole Ozer, EFF, 06-01
- Building infrastructure for the Intelligence Age in Michigan, OpenAI, 06-01
Feed silences (diagnostic)
arxiv-cs-ai: 2587 items in the 14-day window, fully live.bitsavers(6 feeds): all connected, 0 items (sparse output).James Bornholt,Netflix Tech Blog: errors persist (DNS / TLS).Anthropicfirst-party RSS: still 404, now covered by generated feed + the S-1 filing landed viaanthropic-generated.
Build provenance
build: 2026-06-02 | crawler-sha: aafc842 (Walsh-Research/1.2, compliance v1.3) | feeds: 79 core | items-considered: 3529 (14d, incl. 2587 arXiv) | warehouse: 10991 items | published: 55 | note: Meta AI Instagram hack; Anthropic S-1 filed; npm supply-chain (RedHat); Schneier on vuln disclosure in AI age; LWN Python-to-Rust agent port; jank ray tracing