Miguel MS Blog

Miguel MS BlogInsights on AI, technology, and software engineering.https://miguel.ms/en-usThe Heist You Cannot Stop: How AI Companies Are Losing Their Most Valuable Assethttps://miguel.ms/blog/2026-04-22-the-heist-you-cannot-stop-how-ai-companies-are-losing-their-most-valuable-asset/https://miguel.ms/blog/2026-04-22-the-heist-you-cannot-stop-how-ai-companies-are-losing-their-most-valuable-asset/How 16 million Claude conversations were stolen by Chinese AI companies using distillation to strip safety training while preserving dangerous capabilities.Wed, 22 Apr 2026 00:00:00 GMTGPT-5.4-Cyber: OpenAI's Answer to the Question Nobody Wanted Askedhttps://miguel.ms/blog/2026-04-20-gpt-5-4-cyber-openais-answer-to-the-question-nobody-wanted-asked/https://miguel.ms/blog/2026-04-20-gpt-5-4-cyber-openais-answer-to-the-question-nobody-wanted-asked/Two cyber-AI models in 7 days. Glasswing to 52 orgs. TAC to thousands. Same capability, opposite philosophy. How we govern AI shapes everything that follows.Mon, 20 Apr 2026 00:00:00 GMTClaude Mythos: When AI Learns to Break the Internet, Who Gets Left Behind?https://miguel.ms/blog/2026-04-16-claude-mythos-when-ai-learns-to-break-the-internet-who-gets-left-behind/https://miguel.ms/blog/2026-04-16-claude-mythos-when-ai-learns-to-break-the-internet-who-gets-left-behind/Mythos found zero-days across every major OS overnight. The technical story is told. The harder question is what this means for hospitals, governments, and everyone who was not in the room.Thu, 16 Apr 2026 00:00:00 GMTRogue AI Agents: The Incidents Already Happeninghttps://miguel.ms/blog/2026-04-13-rogue-ai-agents-the-incidents-already-happening/https://miguel.ms/blog/2026-04-13-rogue-ai-agents-the-incidents-already-happening/From inbox deletions to sandbox escapes, three significant rogue AI agent incidents in early 2026 reveal the governance gap that no firewall rule can close.Mon, 13 Apr 2026 00:00:00 GMTThe Axios Supply Chain Attack Wasn't a Hack. It Was a Con.https://miguel.ms/blog/2026-04-10-the-axios-supply-chain-attack-wasnt-a-hack-it-was-a-con/https://miguel.ms/blog/2026-04-10-the-axios-supply-chain-attack-wasnt-a-hack-it-was-a-con/The Axios npm package was compromised and hit 100 million weekly downloads. This was not a technical exploit. It was social engineering against the trust assumptions every developer makes.Fri, 10 Apr 2026 00:00:00 GMTThe Karpathy Loop Beyond ML: How Any Business Can Run 36,500 Experiments a Yearhttps://miguel.ms/blog/2026-04-10-the-karpathy-loop-beyond-ml-how-any-business-can-run-36500-experiments-a-year/https://miguel.ms/blog/2026-04-10-the-karpathy-loop-beyond-ml-how-any-business-can-run-36500-experiments-a-year/Karpathy's autoresearch framework is not about ML. Any business with an objective metric and an automated test can run 36,500 experiments a year. Here is how.Fri, 10 Apr 2026 00:00:00 GMTClaude Mythos: The AI That Breaks Everything. Anthropic Is Betting It Can Protect Us Instead.https://miguel.ms/blog/2026-04-08-claude-mythos-project-glasswing/https://miguel.ms/blog/2026-04-08-claude-mythos-project-glasswing/Anthropic built an AI that finds zero-days in every major OS overnight and is withholding it from the public. Project Glasswing gives 52 organisations a head start before adversaries catch up.Wed, 08 Apr 2026 00:00:00 GMTAnthropic Pulled the Rug on Third-Party Harnesses. The Damage Goes Beyond Billing.https://miguel.ms/blog/2026-04-07-anthropic-pulled-the-rug-on-third-party-harnesses/https://miguel.ms/blog/2026-04-07-anthropic-pulled-the-rug-on-third-party-harnesses/Anthropic cut Claude subscriptions for third-party harnesses with less than 24 hours notice. The technical justification holds. The way it was done reveals a platform strategy.Tue, 07 Apr 2026 00:00:00 GMTThe Karpathy Loop Beyond ML: How Any Business Can Run 36,500 Experiments a Yearhttps://miguel.ms/blog/2026-04-03-the-karpathy-loop-beyond-ml-how-any-business-can-run-36500-experiments-a-year/https://miguel.ms/blog/2026-04-03-the-karpathy-loop-beyond-ml-how-any-business-can-run-36500-experiments-a-year/Andrej Karpathy built autoresearch for ML. The real insight is that any business with a metric and an automated test can run 36,500 experiments a year, not 30.Fri, 03 Apr 2026 00:00:00 GMTClaude Code Source Leak: What Actually Happenedhttps://miguel.ms/blog/2026-04-01-claude-code-source-leak-what-actually-happened/https://miguel.ms/blog/2026-04-01-claude-code-source-leak-what-actually-happened/Anthropic accidentally published 512,000 lines of Claude Code source to npm. Here is what was inside: fake tools, undercover mode, KAIROS, and a 5,594-line file.Wed, 01 Apr 2026 00:00:00 GMTThe Machine That Does Its Own Researchhttps://miguel.ms/blog/2026-03-28-the-machine-that-does-its-own-research/https://miguel.ms/blog/2026-03-28-the-machine-that-does-its-own-research/Andrej Karpathy dropped 630 lines of Python that automate the scientific method overnight. Here is what autoresearch actually is, how it works, and why the three conditions of the Karpathy Loop apply to far more than language models.Sat, 28 Mar 2026 00:00:00 GMTNemoClaw Is Not the New OpenClaw. It's the Suit of Armour Around It.https://miguel.ms/blog/2026-03-23-nemoclaw-is-not-the-new-openclaw/https://miguel.ms/blog/2026-03-23-nemoclaw-is-not-the-new-openclaw/Since GTC, everyone's asking whether NemoClaw replaces OpenClaw. It doesn't. Here's the precise difference: what each security layer does, what the gaps are, and who actually needs what.Mon, 23 Mar 2026 00:00:00 GMTAfter GTC: Why a Trillion Dollars Wasn't Enoughhttps://miguel.ms/blog/2026-03-21-after-gtc-why-a-trillion-wasnt-enough/https://miguel.ms/blog/2026-03-21-after-gtc-why-a-trillion-wasnt-enough/Nvidia announced a trillion-dollar order pipeline at GTC 2026. The stock barely moved. Here's what the muted market response actually means, and what the week ahead will tell us.Sat, 21 Mar 2026 00:00:00 GMTGTC 2026 Day 3: China, Healthcare, and the Next ChatGPThttps://miguel.ms/blog/2026-03-19-gtc-day3-china-healthcare-next-chatgpt/https://miguel.ms/blog/2026-03-19-gtc-day3-china-healthcare-next-chatgpt/China is back. Healthcare is spending billions. And Jensen Huang just called OpenClaw the next ChatGPT on national television. GTC 2026 ended with a bang.Thu, 19 Mar 2026 00:00:00 GMTGTC Day 2: The Ecosystem Moveshttps://miguel.ms/blog/2026-03-18-gtc-day2-nemoclaw-enterprise-stack/https://miguel.ms/blog/2026-03-18-gtc-day2-nemoclaw-enterprise-stack/Day 1 was Jensen Huang on a stage making claims. Day 2 was the rest of the industry deciding whether to believe him. They decided yes.Wed, 18 Mar 2026 00:00:00 GMTGTC 2026 Day 1: Jensen Huang Just Changed the Gamehttps://miguel.ms/blog/2026-03-17-gtc-day1-jensen-changed-the-game/https://miguel.ms/blog/2026-03-17-gtc-day1-jensen-changed-the-game/Three hours. 30,000 people. A trillion-dollar order book. Here is everything that happened at GTC 2026 Day 1 and what it means.Tue, 17 Mar 2026 00:00:00 GMTNemoClaw: What the Market Expects From Nvidia's GTC Revealhttps://miguel.ms/blog/2026-03-15-nemoclaw-gtc-reveal/https://miguel.ms/blog/2026-03-15-nemoclaw-gtc-reveal/Tomorrow Jensen Huang takes the stage at GTC 2026. The headline isn't a new chip. Here's what NemoClaw is, how it compares to OpenClaw, and the five things the market is watching for.Mon, 16 Mar 2026 00:00:00 GMTCLI Solved This Problem 50 Years Ago. MCP Still Has Not.https://miguel.ms/blog/2026-03-10-mcp-cli-context-bloat/https://miguel.ms/blog/2026-03-10-mcp-cli-context-bloat/MCP servers are consuming 30% of your AI context window before you type a word. The fix has been sitting in your terminal since 1971.Tue, 10 Mar 2026 00:00:00 GMT"We See Everything": The Workers Paid to Watch What Your Meta Glasses Recordhttps://miguel.ms/blog/2026-03-07-meta-glasses-privacy/https://miguel.ms/blog/2026-03-07-meta-glasses-privacy/Kenyan contractors are reviewing intimate footage from Ray-Ban Meta smart glasses: bathrooms, bedrooms, sexual content. Meta's marketing promised 'designed for privacy, controlled by you.'Sat, 07 Mar 2026 00:00:00 GMTSmall Models and OpenClaw: The Risks That Actually Matter (And When They Don't)https://miguel.ms/blog/2026-03-07-small-models-openclaw-risks/https://miguel.ms/blog/2026-03-07-small-models-openclaw-risks/Running a small local model with OpenClaw sounds attractive: no API bills, full privacy. But the risks are architectural, not theoretical. Here's what you're actually trading away.Sat, 07 Mar 2026 00:00:00 GMTPrediction Markets Are the Most Interesting AI Story You're Not Followinghttps://miguel.ms/blog/2026-03-06-prediction-markets-ai/https://miguel.ms/blog/2026-03-06-prediction-markets-ai/Forty hours before OpenAI launched its browser, thirteen brand-new wallets appeared on the Polygon blockchain. This is what the collision of AI and prediction markets actually looks like.Fri, 06 Mar 2026 00:00:00 GMTThe Developer Who Stopped Writing Code — And Let His AI Fleet Take Overhttps://miguel.ms/blog/2026-03-06-tplink-omada-ai-handover/https://miguel.ms/blog/2026-03-06-tplink-omada-ai-handover/On March 2, 2026, Miguel wrote his last line of code for tplink-omada-mcp. After that date, the humans disappeared from the commit history. The AI fleet took over.Fri, 06 Mar 2026 00:00:00 GMTOpenClaw in 2026: The AI Gateway That Passed React on GitHub Stars — and the Questions Nobody's Answeringhttps://miguel.ms/blog/2026-03-05-openclaw-state-of-platform-2026/https://miguel.ms/blog/2026-03-05-openclaw-state-of-platform-2026/Five weeks. That's how long OpenClaw has existed under its current name. In that time, it surpassed React on GitHub stars. Here's what's actually happening.Thu, 05 Mar 2026 00:00:00 GMTImperial Technology Briefing: The Future of AI Operationshttps://miguel.ms/blog/2026-03-01-imperial-technology-briefing/https://miguel.ms/blog/2026-03-01-imperial-technology-briefing/AI is a force multiplier. A strategic briefing on autonomous systems, operational complexity, and the architecture decisions that separate who survives from who does not.Sun, 01 Mar 2026 00:00:00 GMT