Credit: Image created with ChatGPT
See what you missed in Daily Tech Insider from May 4–8.
From Google’s expanding AI push to major data breaches, security fixes, and AI-driven workforce shakeups, this week showed how fast the tech industry is rebuilding itself around automation — and how messy that rebuild can get.
Google introduced a new “Expert Advice” panel in its AI Overviews, integrating Reddit, forum, and social media posts to bring community perspectives into search results. The feature aims to highlight authentic voices but raises concerns about misinformation and sarcasm detection. Additional updates include inline links, hover previews, and subscription labels.
Meanwhile, the Android 17 beta revealed new features such as Motion Assist to reduce motion sickness, a native App Lock for biometric security, and improved multitasking tools. The update is expected to debut at Google I/O 2026, possibly alongside the rumored “Aluminium OS” integration with ChromeOS.
Google is also testing a new AI agent called Remy within a staff-only Gemini app. The assistant performs actions beyond chat and replaces the discontinued Project Mariner. Remy aims to compete with open-source and rival offerings from Anthropic, Meta, and Nvidia, with a potential debut at Google I/O on May 19.
OpenAI and Anthropic each announced major joint ventures with private equity firms to embed their AI models into enterprise operations. Anthropic partnered with Blackstone, Hellman & Friedman, and Goldman Sachs in a $1.5 billion venture, while OpenAI formed The Deployment Company with TPG and Bain Capital, valued at $10 billion. Both aim to accelerate enterprise adoption ahead of potential IPOs.
In a related move, AI labs including Google, Microsoft, xAI, OpenAI, and Anthropic agreed to predeployment evaluations by the US Commerce Department’s Center for AI Standards and Innovation. The voluntary program gives Washington early access to AI models before release, as the White House considers making such reviews mandatory.
A Harvard-led study found OpenAI’s o1-preview model outperformed physicians in diagnosing real emergency room cases, achieving 67.1% accuracy compared to doctors’ 50%–55%. The model worked with raw patient records, marking a shift toward more realistic medical AI testing, though researchers caution it’s not yet clinically ready.
The Pentagon signed agreements with Microsoft, AWS, Nvidia, and Oracle to deploy AI models on classified networks. Anthropic was excluded after rejecting military terms, prompting the Defense Department to diversify its supplier base.
Anthropic will lease SpaceX’s 300-megawatt Colossus 1 supercomputer in Memphis, securing over 220,000 Nvidia GPUs to boost Claude’s performance. The deal doubles Claude Code limits, removes throttling for Pro and Max users, and raises API ceilings. The partnership also explores orbital data centers, though the concept remains unproven.
General Motors is replacing Google Assistant with Gemini AI in about 4 million vehicles through an over-the-air update. The assistant can summarize texts, create playlists, and provide car-specific help as GM phases out Apple CarPlay and Android Auto in future EVs.
Meanwhile, Apple is testing a new “Create a Pass” feature in iOS 27 that lets users generate Wallet passes from QR codes or manual entries without developer input. The tool, expected to debut at WWDC on June 8, aims to simplify pass creation and close a gap with Google Wallet.
Vimeo suffered a breach exposing data of over 119,000 users after a 106 GB archive was leaked by the ShinyHunters group. While no passwords or payment data were compromised, exposed names and emails could enable phishing attacks.
Instructure confirmed a cyberattack on its Canvas LMS affecting up to 275 million users. The ShinyHunters group claimed responsibility, leaking names, emails, and private messages. The company has rotated keys and revoked tokens while warning of potential phishing attempts.
Google patched a critical Android zero-click vulnerability (CVE-2026-0073) that allowed remote code execution via Wi-Fi. The fix was included in the May 4 security bulletin and applies to Android 14 through 16, with updates now delivered via Project Mainline.
A vulnerability dubbed Copy Fail (CVE-2026-31431) was found in the Linux kernel’s crypto template, allowing local users to gain root access on nearly all distributions since 2017. Patches have been issued, and users are urged to update immediately.
Daemon Tools developers released a clean version (12.6.0.2445) after a backdoor was discovered in previous Windows installers distributed since April 8. The breach affected users in over 100 countries, prompting urgent recommendations to uninstall and update.
Researchers found that thousands of web apps built with AI low-code platforms like Lovable and Replit exposed sensitive data due to public defaults and missing authentication. Over 380,000 assets were accessible, with scammers exploiting them for phishing. Experts urge developers to enforce private-by-default settings and routine security scans.
A researcher discovered that Chrome automatically downloads a 4 GB Gemini Nano AI model onto devices without user consent. The file supports on-device AI features but regenerates after deletion, raising privacy and environmental concerns. Google says the model automatically removes itself when storage is low, and users can disable it in settings.
An AI coding agent powered by Anthropic’s Claude Opus 4.6 accidentally deleted PocketOS’s production database and backups after misinterpreting a fix command. The incident underscores the risks of automated coding tools and insufficient guardrails in AI-assisted development.
A massive phishing campaign impersonating internal corporate emails targeted 35,000 users across 13,000 organizations. Using fake “code of conduct” messages and adversary-in-the-middle techniques, attackers stole credentials and session tokens, bypassing standard MFA protections.
OpenAI launched an Advanced Account Security mode for ChatGPT and Codex users, replacing passwords with passkeys or hardware keys. The feature enhances protection by disabling recovery options and excluding chats from model training.
Apple agreed to a $250 million settlement over claims that its 2024 AI-powered Siri ads misled consumers. The deal, pending court approval, could pay affected iPhone owners up to $95 per device. The case underscores growing scrutiny over AI marketing ahead of Apple’s expected Siri relaunch at WWDC 2026.
In China, a court ruling determined that companies cannot fire employees solely because AI can perform their roles, ordering a fintech firm to pay over $38,000 in compensation. The decision reinforces legal scrutiny of AI-driven job cuts and strengthens worker protections amid automation.
Coinbase laid off about 700 employees — 14% of its workforce — as part of a shift toward becoming “AI-native.” CEO Brian Armstrong said AI tools now allow smaller teams to achieve more. The move aligns with broader tech layoffs tied to AI efficiency efforts, as companies like PayPal and Freshworks also reduce staff amid rising automation.
Meta announced plans to cut 8,000 jobs — about 10% of its workforce — to redirect funds toward AI infrastructure and data centers. CEO Mark Zuckerberg cited rising compute costs and declining ad revenue, while employees reported morale issues amid monitoring concerns and delayed layoff timelines.
Meta also acquired Assured Robot Intelligence to accelerate its humanoid robotics ambitions, integrating the startup’s tactile sensor and control technologies. The move follows similar robotics investments by Amazon and Google, signaling a new frontier in AI-powered hardware innovation.
If you want to see more from our newsletter, check out the Daily Tech Insider archive.
