The "safe" AI company leaked its code

the model too dangerous to release

Anthropic announced an unreleased AI model called Claude Mythos Preview that has found thousands of zero-day vulnerabilities in every major operating system and web browser. They say it's too dangerous to release. Meanwhile, Anthropic lost a key court ruling in its ongoing fight with the Pentagon over military AI guardrails. Also this week: Cursor 3.0 brings parallel agents and design mode, Next.js ships a critical security patch (with some irony attached), TanStack introduces code mode for composable tool execution, Payload 3.82 lands with new hooks and drag-and-drop components, plus updates from shadcn, Figma, Claude Code, and Railway. Next in Dev is a weekly newsletter and podcast covering modern web development. Subscribe at nlvcodes.com or wherever you listen to podcasts. Hosted on Acast. See acast.com/privacy [https://acast.com/privacy] for more information.

The "safe" AI company leaked its code

Anthropic accidentally leaked the entire Claude Code source code through an NPM packaging error. Plus Railway's new CDN leaked authenticated user sessions, Google launched a Gemini switching tool and Gemma 3 under Apache 2.0, Cloudflare announced a TypeScript CMS they're calling a WordPress successor (on April 1st), and Payload shipped an LLM evaluation suite. 0:00 Intro 0:26 Anthropic leaked Claude Code's source code 1:45 Railway's CDN leaked authenticated sessions 2:28 Google's Gemini switching tool 3:02 Google Gemma 3 goes Apache 2.0 3:30 Cloudflare's WordPress successor 4:20 Payload 3.81 LLM evaluation suite 4:47 Claude Code updates (7 releases) 5:16 Figma Make Kits & Make Attachments 5:42 Astro 6.1 5:49 TanStack Router signal graph 6:02 Outro Hosted on Acast. See acast.com/privacy [https://acast.com/privacy] for more information.

OpenAI Killed Sora

OpenAI published a safety blog for Sora, then killed the entire product the next day and rug pulling Disney's $1B partnership in the process. Plus, Cursor got caught hiding that Composer 2 is built on an open source Chinese model, a federal judge called out the Pentagon's Anthropic ban, GitHub is opting you into AI training data, and Next.js finally addressed its biggest criticism with the new Adapter API. 0:00 OpenAI kills Sora 2:04 The real reason OpenAI is pivoting 2:31 Cursor's transparency problem 3:23 Open source attribution matters 4:19 Pentagon vs Anthropic, Part ??? 5:58 GitHub trains on your code now 7:13 Next.js Adapter API changes everything 8:50 Figma opens canvas to AI agents 9:35 Rapid fire: Payload, WebStorm, TanStack, Claude Code, Railway Hosted on Acast. See acast.com/privacy [https://acast.com/privacy] for more information.

Anthropic is suing the government

Anthropic is suing the US government after being labeled a "supply chain risk," AI found 22 high-severity Firefox bugs in just two weeks, Astro 6 dropped with a completely rebuilt dev server, and there's major tooling news across Cloudflare, shadcn, Cursor, Figma, and more. This week in web development and AI news: the Anthropic lawsuit against the Trump administration, Claude's automated security scanning on the Firefox codebase, OpenAI acquiring Promptfoo, Apple Music AI transparency tags, Astro 6's new Vite Environment API and Cloudflare adapter, shadcn CLI v4 with AI agent skills, Cloudflare's new Browser Rendering crawl endpoint, Cursor plugins, Figma MCP updates, Claude Code releases, Next.js 16.2 canary progress, Railway, and Dokploy updates. 0:00 Intro 0:24 Anthropic sues the government 2:07 Claude finds 22 Firefox bugs 3:25 The Anthropic Institute 4:16 OpenAI acquires Promptfoo 5:08 Apple Music AI transparency tags 6:37 Astro 6 7:49 Cloudflare Browser Rendering API 8:15 shadcn CLI v4 8:52 Cursor plugins 9:11 Figma updates 9:44 Claude Code, Next.js, Railway, Dokploy 10:59 Outro Hosted on Acast. See acast.com/privacy [https://acast.com/privacy] for more information.

OpenAI's Principles Lasted Exactly 24 Hours

Sam Altman told CNBC he shares Anthropic's safety principles. Less than 24 hours later, OpenAI signed a government contract without those principles and posted about it like a win. Here's why that matters if you build with AI. Hosted on Acast. See acast.com/privacy [https://acast.com/privacy] for more information.