A week dominated by the question of who gets to say no. The US government ordered Anthropic to pull its two most capable models over a jailbreak claim the company says proves nothing other models cannot already do, the first time a frontier lab has had a flagship recalled by directive rather than choice. The dealmaking told a quieter version of the same story: OpenAI bought Ona, 1Password bought Apono, and SpaceX bought Cursor for $60bn days after going public, three bets that the constraint on AI agents is no longer capability but control: where they run, what they can touch, and who can shut them off. Vercel made the same wager in open source, releasing a framework that bakes that control into the structure of an agent itself. Cutback aimed automation at the part of video editing nobody enjoys, and the EU set a clock running toward its August labelling deadline. And in the week’s strangest turn, Midjourney left image generation behind to unveil a full-body medical scanner you step into like a bath. Here’s what mattered.
Listen to the AI-Powered Audio Recap
This AI-generated podcast is based on our editor team’s AI This Week posts. We use advanced tools like Google NotebookLM, Descript, and Elevenlabs to turn written insights into an engaging audio experience. While the process is AI-assisted, our team ensures each episode meets our quality standards. We’d love your feedback—let us know how we can make it even better.
TL;DR
- The US government ordered Anthropic to suspend access to Fable 5 and Mythos 5 over a contested cybersecurity jailbreak claim, forcing the first government-mandated recall of a frontier model and prompting Anthropic to comply while disputing the standard.
- Vercel released eve, an open-source framework that treats an AI agent as a directory of files and ships production essentials like durable sessions, sandboxing, and approvals built in, betting that agents now need a standard shape the way the web needed Next.js.
- Midjourney, the AI image-generation lab, announced Midjourney Medical and a full-body ultrasonic scanner it claims maps the body in 60 seconds at MRI-comparable quality, to be housed in a San Francisco spa opening in 2027.
- Cutback released a new version of Selects that automates the prep stage of long-form video editing, building a draft edit from a single prompt and claiming to cut around 60% of prep time per project.
- OpenAI is acquiring Ona to give Codex agents secure, persistent cloud environments that keep running after a session ends, betting that where agents execute matters as much as how capable they are.
- SpaceX agreed to buy Cursor maker Anysphere for $60bn in an all-stock deal, days after its $2 trillion Nasdaq debut, pushing xAI into the enterprise coding market against Claude Code and Codex.
- 1Password acquired Apono to extend from storing credentials to governing how employees, machines, and AI agents use them, positioning itself as the access control plane for agentic AI.
- The EU published a voluntary Code of Practice for labelling AI-generated content, ahead of binding transparency obligations under Article 50 of the AI Act that take effect August 2.
🛡️ Safety & Security
Anthropic Forced to Pull Fable 5 and Mythos 5 After a US Government Directive
Just a few days after the launch of Anthropic’s newest models, the story has flipped. On June 12, Anthropic disabled Fable 5 and Mythos 5 for every customer after the US government issued an export control directive ordering the company to suspend access for all foreign nationals, including its own foreign national employees, whether based inside or outside the United States. Compliance at that scope was not workable on a per-user basis, so the practical result was a full shutoff of both models. Every other Anthropic model stayed online.
The directive landed at 5:21 pm ET and arrived without a detailed account of the national security concern behind it. Anthropic’s understanding is that the government had learned of a technique for bypassing Fable 5’s safeguards. The company reviewed a demonstration of the method and found that it surfaced a handful of previously known, minor vulnerabilities, the kind that other publicly available models can locate on their own without any bypass.
Anthropic pushed back on the reasoning. The company restated the safeguard posture it published at launch: protections strong enough that some users had complained they blocked too much, thousands of hours of red-teaming alongside the US government, the UK AI Safety Institute, outside organizations, and internal teams, and no universal jailbreak found by any tester. Its position is that perfect jailbreak resistance is not achievable for any provider today, which is why it built Fable 5 around a defence-in-depth approach: keep jailbreaks either narrow or costly to produce, then pair that with monitoring to catch and shut down live attacks. The 30-day customer data retention requirement on Fable, a policy Anthropic says costs it real goodwill with customers, exists to support that monitoring and research.
According to Anthropic, the only evidence the government has provided so far is verbal, describing a narrow jailbreak that amounts to asking the model to read a codebase and fix its flaws. The company says it reviewed what it believes is the underlying report and confirmed that the capability shown is widely available from other models, including OpenAI’s GPT-5.5, and is used routinely by the defenders who keep systems secure.
Anthropic is complying while disputing the standard. Its argument is that recalling a commercial model used by hundreds of millions of people over a narrow potential jailbreak would, if applied across the industry, effectively stop all frontier model deployment. The company reiterated its view that governments should be able to block unsafe releases through a process that is transparent, fair, clear, and grounded in technical facts, and said this action met none of those conditions. It called the situation a misunderstanding and said it is working to restore access.
Why it matters: This is the first time a frontier lab has had a flagship model pulled from the market by government order rather than by its own decision. The trigger was a narrow, contested jailbreak rather than a demonstrated harm, and Anthropic says it produces nothing other models cannot already do. If a finding at that threshold can force a recall, the operative question for every lab moves from whether a model is safe at release to whether someone can construct a plausible bypass afterward, a target no provider claims to have fully solved.
⚙️ New Tools & Models
Vercel Ships Eve, a Framework That Treats an AI Agent Like a Directory of Files
Vercel has introduced eve, an open-source framework for building, running, and scaling AI agents, built on the premise that defining what an agent does should not require assembling all the infrastructure it needs to run in production. The company’s framing is that agents today are where the web was before frameworks, with every team hand-rolling the same plumbing and none of it carrying to the next project. The comparison it reaches for is Next.js, which ended that pattern for web apps. It is also the framework Vercel runs its own agents on.
The core idea is that an agent is a directory. Each file describes one component: the model, an instructions file that acts as the system prompt, a tools folder, skills as markdown files, subagents to delegate to, channels for where it lives, and schedules for when it acts on its own. A tool is one TypeScript file and a skill is one markdown file, and eve wires them in at build time without boilerplate. The production pieces ship with the framework: durable sessions that survive a crash and resume where they stopped, a sandbox that keeps agent-generated code out of the application runtime, approvals configurable on any action, secure connections where the model never sees credentials, and built-in tracing and evals. The same agent serves every channel through adapter files, and deployment is an ordinary Vercel project push.
Vercel backed the release with its own usage, saying it runs more than a hundred agents in production, including a data analyst handling over 30,000 questions a month and a support agent resolving 92% of tickets on its own. It also says agents now trigger around 29% of deployments on its platform, up from under 3% a year ago.
Why it matters: This is the same conclusion the week’s acquisitions kept circling, reached from the developer-tooling side. OpenAI bought Ona for execution environments and 1Password bought Apono for access governance, while Vercel is betting the missing layer is a standard structure, the shape an agent takes once enough teams have built one the hard way. The durable-session, sandbox, and approval primitives map almost exactly onto the enterprise objections that keep agents stuck in pilots, which tells you where the field thinks the bottleneck sits. The Next.js analogy is doing heavy lifting and worth scrutinizing, since web routing is a more settled problem than agent design, and a framework that bakes in opinions this early can calcify patterns no one has agreed on yet. The lock-in question is the one to sit with: the framework is open source, but the smoothest path runs through Vercel’s own deployment, sandbox, and observability.
🚀 Products and Strategy
The AI Image Lab Midjourney is Now Building a Medical Scanner
Midjourney, best known for AI image generation, has announced Midjourney Medical, a new division built around a full-body imaging device it calls the Midjourney Scanner. The pitch is a machine that scans your whole body in about 60 seconds using sound waves and a pool of water, with no radiation. You step onto a platform, descend into the water, and pass through a ring of sensors that send ultrasonic waves through your body, with the reflections reconstructed into a 3D map. Midjourney calls the approach “Ultrasonic CT” and compares the image quality to an MRI at close to a hundred times the speed.
The delivery vehicle is unusual. Midjourney plans a flagship “Midjourney Spa” in San Francisco opening at the end of 2027, a wellness venue with hot tubs and saunas where the scan is framed as a near-invisible side effect. The longer-term ambition is roughly 50,000 scanners and a billion scans a month by 2031. The near-term product is body composition maps, with FDA submissions planned to expand what the device is cleared to do.
A few things the announcement glosses over matter. It did not make clear what stage of R&D the scanner is at, and admitted the company still needs to solve a major computational task: how to turn the noisy waves into usable images. Reporting says the scanner was developed with Butterfly Network and uses 40 of its Ultrasound-on-Chip modules per system, and Butterfly’s shares jumped 17%.
Why it matters: Strip away the spa staging and the claims still need independent validation, which has not happened. Ultrasound is well established, but fast whole-body scans at MRI-comparable quality are the part that needs outside proof. The grounded read is an early prototype on a moonshot timeline, where hardware, FDA clearance, and the economics of wet consumer facilities are all less forgiving than shipping a software model. The broader signal is the ambition itself: a profitable, investor-free image lab deciding its next act is to rebuild medical imaging. For the health claims specifically, the figure to treat with the most caution is the suggestion that early imaging could avoid 30% of deaths and half of healthcare costs, a projection with no evidence behind it yet.
Cutback’s Selects Takes Over the Grunt Work of Long-Form Video Editing
Cutback has released a new version of Selects, its AI assistant for long-form video editing, built to take over the prep work that sits between raw footage and the first creative decision. An editor drops in the recordings and Selects syncs, organizes, and cuts them within minutes, so a project opens at the storytelling stage instead of the cleanup stage. The company’s framing is to keep the editor on the craft and hand the mechanical groundwork to the assistant.
The tool handles professional multicam from the start, with automatic sync, speaker detection, camera assignment, and selection of the best audio track across every angle, plus support for 4K and 360 footage. It arranges the material into a stringout organized by scene and topic, the way an assistant editor would, and adds transcripts and chapter markers that make a long recording searchable. Natural-language search pulls specific moments on request, so finding an intro or a particular reaction no longer means scrubbing the timeline.
The centrepiece of the release goes further. From a single prompt, Selects builds a draft edit with storyline and pacing already in place, then layers in silence and filler-word removal, camera switching that follows the active speaker, and B-roll placement. An editor can specify duration, narrative angle, and switching preferences in plain language and get a structured assembly to refine rather than an empty timeline to fill. When the draft is ready, the project hands off cleanly to Adobe Premiere Pro, Final Cut, or DaVinci Resolve as a labelled timeline that fits an existing workflow.
Cutback says the workflow removes around 60 percent of prep time per project, the figure that matters most for studios cutting several long episodes a week. Selects is available now as a standalone desktop app with a 7-day free trial. The San Francisco company is an Official Adobe Video Partner, led by co-founder and CEO Tom Kim, and also ships Premiere Assistant, a plugin that automates transcription, silence removal, and repetitive work inside Premiere Pro. Selects has been picking up adoption among podcast teams, YouTube studios, and post-production shops cutting interview-driven content.
Why it matters: AI has mostly automated the easy end of video, short-form clipping and captioning, while long-form assembly stayed manual. The reason is that long-form prep is structural rather than cosmetic, and building a coherent multicam stringout is the recurring drain on a studio’s time. Cutback is betting the front half of editing is where the real hours are won back, and the 60 percent prep reduction is the claim that decides whether that bet lands. The positioning matters too: this is an AI layer that produces a starting point rather than a finished video, leaving creative control with the editor and slotting into the finishing tools teams already use.
📊 The Business of AI
OpenAI Acquires Ona to Give Codex Agents a Persistent Place to Run
OpenAI is buying Ona, a company that builds secure cloud development environments, and folding its execution and orchestration technology into Codex. The deal targets a specific gap: as Codex agents take on longer work, they need somewhere to keep running after the laptop that started the job closes.
OpenAI says Codex now reaches more than 5 million weekly users, up 400% from earlier in the year, and has grown from a developer tool into something a broader set of people use to research, build, and automate. The framing is that the most valuable Codex work is starting to unfold over hours or days rather than minutes, so a user should be able to hand off a task and then check progress, give direction, and review results from anywhere.
Ona is the reason OpenAI wants in. The company has spent years moving development off local machines into reproducible cloud environments, and says it has supported 2 million developers. Its model lets agents run inside a customer’s own cloud while OpenAI supplies the intelligence and orchestration on top. That split is the point OpenAI keeps returning to: organizations get control over where agents run, what they can access, how credentials are scoped, and how activity is logged, without giving up Codex capability. The deal still needs to clear regulatory approvals, and the two companies stay independent until closing.
Why it matters: The competitive front in coding agents is shifting from model quality to where the agent is allowed to run. OpenAI is betting that enterprises will not deploy long-running agents at scale until those agents operate inside their own security and governance boundaries, and buying Ona lets it offer that without surrendering the orchestration layer.
SpaceX buys Cursor maker Anysphere for $60bn, days after going public
SpaceX has agreed to acquire Anysphere, the company behind the AI coding tool Cursor, in an all-stock deal valuing the startup at $60 billion. The agreement comes just four days after SpaceX’s debut on Nasdaq. The June 12 listing valued the company at more than $2 trillion and made it one of the world’s most valuable firms.
The deal traces back to an arrangement set up months ago. SpaceX said in April it had secured an option to either acquire the San Francisco company for $60 billion later this year, or pay $10 billion for a new partnership. It chose to buy. The transaction is structured as a stock merger between Anysphere and a wholly owned SpaceX subsidiary called X67, and notably, the structure indicates the capital raised in SpaceX’s IPO is not being used to fund the deal. Anysphere shareholders will receive SpaceX Class A stock, with the exchange ratio based on SpaceX’s seven-day average share price as of the closing date. It is expected to close in the third quarter of 2026, subject to regulatory approval.
The strategic logic runs through xAI. SpaceX merged with xAI, the maker of the Grok chatbot, in February, and the Cursor deal could give xAI a stronger foothold in the AI coding market where it has so far lagged rivals. Cursor itself has grown fast. Founded in 2022, it lets users write, debug, and modify code using natural-language prompts, putting it in direct competition with Anthropic’s Claude Code and OpenAI’s Codex. Reporting puts Cursor above $4 billion in total annualized revenue as of early June 2026, up from roughly $3 billion in late April and $2 billion in February, with about $2.6 billion attributable to enterprise B2B customers. Its earlier backers included Nvidia and OpenAI.
The filing also spells out the cost of failure. SpaceX would pay a $10 billion termination fee under specific circumstances, and a separate $4 billion “regulatory” termination fee if the deal collapses due to antitrust issues.
Why it matters: This is a rocket and satellite company buying its way to the front of the enterprise coding market in a single move, financed entirely with stock that the public markets only just priced. The timing is the tell: filing the acquisition four days after the IPO suggests the listing was about acquisition currency as much as cash, giving SpaceX tradable equity to make large bets without touching the raised capital. For the coding-agent field, it reshapes the competitive map. Cursor sits alongside Claude Code and Codex, and it now has access to xAI’s models and SpaceX’s compute, which changes the resourcing behind a tool many engineers already use daily. For teams standing up on Cursor, the open question is what new ownership means for model defaults, data handling, and roadmap independence.
Ready to explore what AI can do for your organization?
1Password Buys Apono to Govern What AI Agents Are Allowed to Touch
Toronto’s 1Password has acquired Apono, a New York company specializing in just-in-time access governance, in a move to extend its reach from storing credentials to controlling how they get used. 1Password said Apono will let it help businesses secure and govern the credentials that employees, machines, and AI agents need to do their work, from within a single unified control plane. Financial terms were not disclosed.
The deal targets a problem that agentic AI has made urgent. 1Password’s framing is that enterprise identity was built in silos for a world before AI, with separate systems for humans, for machines, and for the credentials each one holds. Apono’s approach is dynamic rather than static: its technology grants access only when required, scopes permissions to specific tasks, continuously monitors activity, and automatically revokes privileges when the work is done. For AI agents specifically, permissions are derived from the human who authorized them, and access can be restricted or revoked if behaviour deviates from the approved task. Apono integrates with more than 200 enterprise systems, including AWS, Azure, Google Cloud, Kubernetes, Snowflake, and Databricks.
The acquisition pairs with a product that 1Password launched alongside it. The new 1Password Credential Broker, now in private beta and initially supporting GitHub Actions workload identity, is designed to keep credentials in 1Password’s zero-knowledge vault and hand out approved tokens or federated access only when needed. Apono governs how those credentials are then used. CEO David Faugno’s argument is that a system people will not work around, that can broker access to agents, is what unlocks the value agentic workflows represent. The company plans to keep Apono available as a standalone product while integrating it into Unified Access.
On the business side, Apono had raised $54 million in total funding before the deal, and the acquisition marks 1Password’s first foray into Israel, where Apono has an office and where Faugno cited the local security talent pool. More than 180,000 businesses and over a million developers currently use 1Password.
Why it matters: Faugno is naming out loud the thing that keeps agentic AI stuck in pilots: organizations will not give autonomous agents broad, persistent access to production systems, and most identity infrastructure was never designed to grant access narrowly and temporarily. The bet is that whoever controls credential issuance plus runtime access governance owns the layer every other AI deployment has to route through, which is why “control plane” is the operative phrase. It is also a notable Canadian story, with 1Password making its third acquisition of its AI era to move up the value chain from password vault to enterprise access governor. The pattern is worth noticing across this week’s news: OpenAI buying Ona, 1Password buying Apono, both chasing the same conclusion, that the constraint on enterprise agents is not model capability but whether the agent can be scoped, monitored, and revoked.
⚖️ Policy & Regulation
EU Releases its AI Labelling Guidance with the AI Act Deadline Weeks Away
The European Union has put out a voluntary Code of Practice for labelling AI-generated content, a guide meant to help companies meet transparency obligations that become law on August 2. The European Commission released the final Code on June 10, setting out practical steps for the businesses that build and use generative AI to mark and label what their systems produce.
The distinction between the Code and the law is the thing to keep straight. The Code is optional. The obligations it points to are not. They sit under Article 50 of the EU AI Act, and from August 2, 2026, they apply whether or not a company signs the Commission’s guidance. Signing simply gives a business a recognized way to show it complies.
Two things have to be flagged once the rules take effect. Deepfakes and AI-generated or AI-manipulated text published on matters of public interest have to carry a label, and anyone interacting with an AI system such as a customer-service bot has to be told they are dealing with a machine. The Code divides the responsibility across the supply chain. The companies that build generative models are asked to mark their output in a machine-readable format so it can be detected downstream. The companies that deploy those models handle the visible labelling, which for public-interest AI text applies when the content has gone out without human review or editorial control. To keep it practical, the Code relies on open technical standards and a common EU icon, giving users a consistent visual cue and sparing businesses from inventing their own. Commission executive vice-president Henna Virkkunen framed it around a right for Europeans to know whether what they see, hear, or read has been made or altered by AI, particularly when it can shape public debate.
This is not the finished picture. The Code is now open for signatures, still needs the Commission and the AI Board to judge it adequate, and separate Commission guidelines are due to clarify the law and cover what the Code leaves out. Six independent experts drew it up with input from more than 180 stakeholders, making it the first instrument to tackle AI content labelling under the Act. Companies serving European users have under two months to determine what they need to label and how, with much of the harder detail still resting on guidelines the Commission has not yet published.
Why it matters: August 2 is a hard date, and the labelling obligations apply to any company serving European users regardless of where it is based, which pulls Canadian and US firms into scope if they have EU customers. The structural choice worth noting is the split between machine-readable marking at the model layer and visible labelling at the deployment layer, because it means the compliance burden lands differently depending on whether you build models or build products on top of them. The uncomfortable part is the timeline: the law arrives in weeks while the guidelines that explain the harder edge cases are still pending, so organizations have to start building labelling workflows against rules that are not fully specified yet.
Keep ahead of the curve – join our community today!
Follow us for the latest discoveries, innovations, and discussions that shape the world of artificial intelligence.
