Yesterday in AI
A rundown of all of the important stories in AI that happened yesterday in 10 minutes or less.
Yesterday in AI
Yesterday in AI - Coding wars, courtroom chaos, and a model that's giving national treasuries anxiety
Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.
Yesterday in AI | Thursday, April 23, 2026
A $60 billion bet just changed the coding agent race. A single AI model found 271 bugs that human auditors missed — and now governments on two continents are alarmed by what it can do. A Wall Street law firm got caught by the wrong team. And the counter-punch from OpenAI's CEO raises questions about who's really afraid of what. Plus, Alibaba dropped a model that handles ten hours of audio in real time, and Google showed up to Google Cloud Next with $750 million and a point to prove.
Feedback? Email mike@yesterdayinai.news or connect on LinkedIn, X, or Bluesky. If you like the show, please take a minute to rate and review it so others can find it!
Hi folks, this is Yesterday in AI, your daily digest of everything happening in the world of artificial intelligence in 10 minutes or less. I'm Mike Robinson. It's Thursday, April 23rd, and while Anthropic's most powerful model is rattling governments on two continents, Elon Musk just placed a $60 billion bet on a coding startup he didn't build. Let's get into it. Let's start with the SpaceX and Cursor deal, because the structure of it tells you more than the headline does. SpaceX signed an agreement with Cursor on Tuesday. The basic terms, SpaceX and XAI will collaborate with Cursor on building a coding and knowledge work AI, using SpaceX's Colossus Supercomputer as the compute backbone. If a collaboration produces something competitive, SpaceX has the option to acquire Cursor outright later this year for $60 billion. If the whole thing falls apart, SpaceX still pays Cursor $10 billion for the learning experience. Twelve months ago, Cursor was valued at $10 billion. The acquisition price in this deal is six times that. This is XAI trying to buy its way into a race it's currently losing. Claude Code and OpenAI's codex have real momentum in the AI coding agent space. Grok doesn't. XAI has compute through Colossus, but it doesn't have the application layer product with market traction. Cursor has the product. The deal gives Cursor the compute it was never going to get on its own, removes its dependency on begging its biggest rivals for model access, and gives XAI a working team that knows how to ship coding tools to real users. The risk is obvious. SpaceX and Cursor are going up against labs whose entire organizational energy is focused on winning this exact race. Claude Code launched with Anthropics full stack behind it. Codex has 4 million weekly active users and OpenAI's enterprise sales team behind it. Cursor and XAI are an unconventional pairing with a lot of talented people. But the baseline is challenging, and $10 billion is the price of finding out if they can close the gap. Either way, the size of that acquisition option settles one question for good. Coding agents are not a feature, they're the center of gravity in this industry right now. Now to Anthropic. The story on Wednesday came from two directions at once, and they pointed at each other in interesting ways. Through a program called Project Glasswing, Anthropic has been giving selective access to Mythos to a small group of organizations to find and patch security flaws before attackers get similar tools. The scope of what Mythos has found across software broadly is hard to process, thousands of zero-day vulnerabilities across every major operating system and browser. Among the findings, a 27-year-old bug in OpenBSD and a 16-year-old flaw in FFmpeg that automated scanners had run past 5 million times without flagging anything. Mozilla got its own look at those capabilities. When Mozilla used Anthropics Opus 4.6 model on Firefox 148 earlier this year, it found 22 bugs. When they tested Mythos against Firefox 150, it handed back a list of 271 vulnerabilities. Firefox 150, released Wednesday, patches all of them. Firefox's CTO Bobby Holly described his initial reaction as vertigo. That seems accurate. Mythos wasn't built specifically for security. These capabilities emerged from making it better at coding. Anthropic has said plainly that the same improvements making Mythos better at finding vulnerabilities also make it better at exploiting them, which is why they're not releasing it publicly. The window to patch critical infrastructure before attackers have access to something similar is short. Wednesday's Firefox release is what trying to use that window responsibly looks like in practice. That context matters a lot for what Sam Altman said Wednesday. Altman appeared on a podcast and called Anthropic's mythos fear-based marketing. His argument was that Anthropic was using safety concerns to dress up a product, restrict access to an elite few, and make it sound more powerful than it actually is. It's a sharp line and it landed in a lot of headlines. It also comes from someone whose own company has used exactly the same framing. For example, OpenAI's GPT-4 launch, GPT 5.4's staged rollout, and the O series reasoning models. In each case, OpenAI restricted access for safety reasons and made sure you knew about those reasons. Altman calling fear-based marketing out as a cynical move is a little on the nose. The more important mythos story on Wednesday was from the New York Times, which reported that financial regulators and governments worldwide are alarmed by the model in ways that don't fit a PR campaign. The UK is the only country besides the U.S. that Anthropic has shared mythos with. The Bank of England, the Financial Conduct Authority, and HM Treasury have all been briefed on it as a real-time risk to financial infrastructure. Other governments are asking who controls it, what it can do, and what happens when someone who shouldn't have it, gets it. When national treasuries start modeling a single AI model as a risk to financial infrastructure, that's not marketing copy. That's a policy problem the world didn't have two years ago. From the geopolitical to the courtroom and a story that should be on the desk of anyone who oversees AI use inside a professional services firm. Sullivan and Cromwell, one of the most prominent law firms on Wall Street, apologized to a federal bankruptcy judge Wednesday after submitting a court filing with AI-generated hallucinations, fabricated case citations, and misstatements of legal authority. The errors were caught and flagged by a rival firm, Boyce Schiller-Flexner, not by Sullivan and Cromwell's own review process. That detail is the one that stings. The firm used AI to draft a filing, and quality control depended on the other side to find the mistakes. A corrected filing was submitted and the apology went to the court. U.S. judges have already disciplined lawyers for submitting AI-assisted filings without proper verification. Attorneys are personally responsible for what they file. That hasn't changed. Sullivan and Cromwell found out Wednesday in about as public a setting as possible. For any organization using AI and professional work, the question isn't whether these errors happen. It's whether your review process catches them before someone else does. And now to Google. Google Cloud Next is underway this week and Wednesday was Google's biggest day of enterprise AI announcements. The headline number? Google committed $750 million to help its partner ecosystem build and deploy Agentec AI for enterprise customers. The program covers prototyping, deployment, and skills training. Google is also embedding its own engineers directly alongside Accenture, Deloitte, PWC, and TCS. That last part is Google acknowledging something that's been obvious in the enterprise market for a while. You can't just hand a platform to a systems integrator and expect production results. Companies need someone in the room who knows how the thing actually works. The product centerpiece is Gemini Enterprise, now positioned as a full platform for building, managing, and running agents at scale. New features include Agent Designer, no code agent building, memory profiles, persistent context across sessions, agent gateway, IT controls over the agent fleet, and BYO MCP support, meaning enterprises can connect Gemini to third-party tools using Anthropic's Model Context Protocol Standard. Google also launched Deep Research Max, an autonomous research agent that outperformed GPT-5.4 on web research and reasoning benchmarks. Google has one real advantage in the enterprise market. Workspace is where a lot of critical business data actually lives. Documents, email threads, meeting notes, shared drives. Getting agents with access to that data and genuine IT control built in is a credible pitch. What Google hasn't had is the developer energy or the enterprise sales motion to match anthropic and open AI. Wednesday was the company making clear it intends to compete for that ground. One more before we close, and it's from China. Alibaba shipped Quen 3.5 Omni on Wednesday. The model has hundreds of billions of parameters, natively processes text, audio, images, and video in a single architecture, and handles a 256,000 token context window, enough to cover 10 hours of audio and nearly 7 hours of HD video in real time. It uses something called ARIA for speech synthesis that produces emotionally nuanced multilingual output at low latency. The benchmarks are competitive with leading Western models. The model is available now through Alibaba Cloud, and given the trajectory of Chinese AI releases over the past six months, from Kimik 2.6 to DeepSeek, the release should be read as serious. The gap between what US labs produce and what Chinese labs produce keeps closing. Quen 3.5 Omni isn't a research demo. It's a production multimodal model with real capabilities and a release date of this week. The competition is global, and Wednesday's announcement was another reminder of that. That's all for this edition of Yesterday and AI. Stay curious, and I'll see you tomorrow.