EveryDev.ai
Subscribe
Main Menu
  • Tools
  • Developers
  • Topics
  • Discussions
  • Communities
  • News
  • Podcasts
  • Blogs
  • Builds
  • Contests
  • Compare
  • Arena
  • Polls
Create
AI Tools by Topic
  • AI Coding Assistants
  • Agent Frameworks
  • MCP Servers
  • AI Prompt Tools
  • Vibe Coding Tools
  • AI Design Tools
  • AI Database Tools
  • AI Website Builders
  • AI Testing Tools
  • LLM Evaluations
Follow Us
  • X / Twitter
  • LinkedIn
  • Reddit
  • Discord
  • Threads
  • Bluesky
  • Mastodon
  • YouTube
  • GitHub
  • Instagram
Get Started
  • About
  • Editorial Standards
  • Corrections & Disclosures
  • Community Guidelines
  • Advertise
  • Contact Us
  • Newsletter
  • Submit a Tool
  • Start a Discussion
  • Write A Blog
  • Share A Build
  • Terms of Service
  • Privacy Policy
Explore with AI
  • ChatGPT
  • Gemini
  • Claude
  • Grok
  • Perplexity
Agent Experience
  • llms.txt
Theme
With AI, Everyone is a Dev. EveryDev.ai © 2026
    1. Home
    2. News
    3. Weekly AI Dev News Digest: July 11 - 17, 2026
    Sam Moore's avatar
    Sam Moore
    July 17, 2026·Senior Software Engineer
    Discuss (0)
    Weekly AI Dev News Digest: July 11 - 17, 2026

    Issue #28 · Weekly Digest

    Weekly AI Dev News Digest: July 11 - 17, 2026

    July 17, 2026

    Moonshot shipped the largest open-weight model ever built the same week GitHub, Anthropic, and OpenAI spent their releases fencing in the coding agents. The cheaper and more capable the models feeding those agents get, the more the guardrails around them start to matter.

    On July 16, Moonshot AI launched Kimi K3, a 2.8-trillion-parameter model it calls the largest open-weight release to date, with a 1-million-token context window and an API live the same day. On July 14, three coding tools moved the other direction: GitHub Copilot CLI hard-blocked file edits during plan mode, Anthropic's Claude Code shipped fixes that stop invisible characters from altering an approval prompt, and two days later OpenAI's Codex tightened its dangerous-command detection.

    The reason those fences went up landed on July 14 too. Attackers compromised the release pipelines of four core AsyncAPI repositories and pushed five trojanized packages to npm. An agent that installs dependencies on a developer's behalf is exactly the blast radius that kind of compromise reaches.

    46%

    peak Chinese-model share of US OpenRouter tokens

    ·

    $1.25/$4.25

    Meta's first paid model API per 1M tokens

    ·

    4.2x

    fewer output tokens, Grok 4.5 vs Opus 4.8

    ·

    295B

    parameters in Tencent's Apache-2.0 Hy3

    ·

    27x

    Vercel's GLM-5.2 token growth in week one

    In Focus

    Moonshot Released Kimi K3, the Largest Open-Weight Model Yet

    Moonshot AI, backed by Alibaba, launched Kimi K3 on July 16: a Mixture-of-Experts model with roughly 2.8 trillion total parameters, a 1-million-token context window, and native multimodal input. Moonshot says the weights go public on July 27, which would make K3 the largest open-weight model released to date, more than double the roughly 1 trillion in the prior Kimi K2 line and clear of DeepSeek's 1.6-trillion V4-Pro. In blind testing by the Arena evaluator, developers preferred K3 over every leading US model, though Moonshot's own numbers put it behind GPT-5.6 Sol and Claude Fable 5 in some areas. At around $12 per million tokens, it is priced higher than the deep discount Chinese labs are usually known for. (Axios)

    Our Read

    Two caveats keep this from being settled fact. The weights are not out until July 27, so nobody outside Moonshot can inspect or self-host it yet, and most of the benchmarks are the lab's own. What is real regardless is the scale and the price: a 2.8T MoE that serves through an OpenAI-compatible API and is slated to ship downloadable weights puts Opus-class capability inside reach of anyone willing to run it. That is the pressure the Western labs are pricing against.

    In Focus

    Coding Tools Added Guardrails Against Their Own Agents

    GitHub Copilot CLI's July 14 update hard-blocks workspace-mutating tool calls during plan mode. Before the change, a model could drift mid-plan and trigger a file edit while a developer thought the agent was only sketching an approach. The fix moves the block to the runtime layer instead of relying on the prompt to hold the line, and it extends the sandbox filesystem policy to cover Language Server Protocol access paths. The release also brought the canvas API into the terminal and a /voice devices command for saving a preferred microphone. (TechTimes)

    Claude Code's releases across the week ran on the same theme. One fix stops permission previews from being spoofed by bidirectional-override, zero-width, and look-alike quote characters, so a tool's inputs can no longer visually rewrite the approval message a developer sees. Another floors a PreToolUse hook's ask decision so auto mode can't override it for unsandboxed Bash, and background task notifications now state plainly that no human input occurred, which blocks a fabricated in-transcript approval from being acted on. A separate shell-injection fix rejects ${user_config.*} in shell-form plugin commands. (Claude Code changelog)

    OpenAI's Codex 0.144.5, out July 16, improved its dangerous-command detection, catching more forced rm forms and returning clearer reasons when a command is denied. On its own it is a patch. Read next to the GitHub and Anthropic changes, it is the third coding agent in one week to spend a release tightening what its own automation is allowed to run. (Codex changelog)

    Our Read

    For most of the last year the pitch was autonomy: let the agent plan, edit, run, and install without checking in at every step. These releases are the bill for that pitch. The interesting work now is at the trust boundary, where an untrusted repo, a hidden character, or a hallucinated approval meets a tool that can act.

    In Focus

    A Supply-Chain Attack Hit AsyncAPI's npm Packages

    On July 14, attackers compromised the release pipelines of four core AsyncAPI GitHub repositories and published five trojanized packages to npm under a campaign calling itself miasma-train-p1. Palo Alto Networks' Unit 42, which has tracked an escalating run of registry attacks through 2026, identified the payload as a descendant of the Miasma remote access trojan. The attack bypassed code review by injecting into the build and release path rather than a pull request. (Unit 42)

    Why This Matters

    AsyncAPI is developer infrastructure, and its packages sit inside CI pipelines and build agents. That is the same surface the week's coding-agent guardrails are trying to protect. An agent told to add a dependency does not run code review by instinct, and a poisoned postinstall script executes the moment the package lands. The mitigations are old and boring: pin versions, set ignore-scripts, run installs behind an allowlist. The reason to revisit them is that agents now pull packages faster than a human would stop to check.

    In Focus

    Anthropic and GitHub Added Enterprise and API Controls

    Anthropic opened an Admin API beta for Claude Enterprise organizations on July 14. Admins can list and look up members by email, change roles, remove people, manage invites and groups, and read custom roles over the API instead of the dashboard. Group and custom-role calls require the ce-user-management-2026-07-13 beta header, and an Admin API key scoped to read:org_audit can call every user-management GET endpoint. The platform also made mid-conversation system messages generally available on the Claude API, Amazon Bedrock, and Google Cloud with no beta header, across Claude Fable 5, Claude Mythos 5, and Claude Opus 4.8. (Claude release notes)

    The same day, Anthropic made HIPAA configuration self-serve for both Claude Enterprise and the Claude Platform. An eligible admin can now review the Business Associate Agreement, download the implementation guide, and switch on the HIPAA configuration in a single flow, without routing the request through a sales or support cycle. (Anthropic support)

    GitHub added a /security-review slash command to the GitHub Copilot app in public preview, bringing the AI vulnerability scan that already lived in Copilot CLI into the everyday coding surface. It analyzes in-flight changes, scores findings by severity and confidence, and offers fixes a developer can apply and re-verify without leaving the app. (GitHub Changelog)

    Copilot for JetBrains added bring-your-own-key support for OpenAI-compatible custom endpoints, so teams can point the assistant at their own models across every plan tier. (GitHub Changelog)

    Visual Studio's Copilot update introduced trust validation for MCP servers: at startup it now compares an MCP server's configuration and asset fingerprint against a trusted baseline, flagging drift before the server is used. That, plus general availability for the first C++ modernization-agent scenarios, rounded out GitHub's July 14 batch. (GitHub Changelog)

    Signals

    Signals from the Edges

    Cursor 3.11 added Side Chats for parallel agents

    The Cursor update lets developers run parallel agent conversations, search full transcripts, and reach more granular agent controls and project selection. It is the kind of multi-agent management surface that shows up once one agent per task stops being enough.

    TestingCatalog→

    OpenAI shipped a physical Codex keypad

    The Codex Micro is a small hardware controller with real-time RGB status lights and customizable controls, aimed at developers juggling several running agents at once. A novelty, but a telling one about how many agents people are now running in parallel.

    TestingCatalog→

    Anthropic launched Claude for Teachers

    Verified US K-12 educators get free access to Claude, including Claude Code and Cowork, plus an open-source repository of the teaching skills and new education connectors. The build-it-yourself angle, not the free tier, is what makes it worth a developer's attention.

    Anthropic→

    A harness claimed 99% on ARC-AGI-3, self-reported

    Impossible Research introduced Schema, an agent harness that reaches 99% on the ARC-AGI-3 Public set with Opus 4.8 and Fable 5 by wrapping the models in an executable world-model loop rather than changing weights. The number is self-reported and not verified by ARC Prize, and the public set is the easier, saturable one, so read it as a technique worth watching, not a solved benchmark.

    Schema→

    Looking Ahead

    What to Watch

    1. 1

      Gemini 3.5 Pro's slip

      Google's flagship missed the July 17 window, its third delay since June, with Bloomberg reporting that coding performance fell short of internal goals and Alphabet shares down around 3%. That leaves Google as the only major lab without a 2026 flagship in general production. Watch for the next target, reported around late July, and whether Google ships a stopgap Flash release instead of the Pro.

    2. 2

      DeepSeek V4's move off preview

      The official V4 release carries peak-and-off-peak API pricing, doubling rates during Beijing business hours, the first time a major model API meters by time of day. The legacy deepseek-chat and deepseek-reasoner endpoints retire July 24, so integrations built on those aliases need to migrate.

    3. 3

      Cloudflare's crawler default flips September 15

      For new domains, Training and Agent crawlers get blocked by default on ad-supported pages, and multi-purpose crawlers like Googlebot fall under the most restrictive rule. Anyone standing up a site behind Cloudflare before then should check the zone security settings deliberately.

    The agents can open apps, edit files, and pull packages on their own now, and the models behind them are getting cheaper and more open by the month. The work of the next few releases is making sure a poisoned dependency or a spoofed prompt cannot turn that cheap, capable autonomy against the person running it.


    About the Author

    Sam Moore's avatar
    Sam Moore

    Senior Software Engineer

    Hi everyone, I'm a vibe coder and a software enthusiast, hit me up with any questions on vibe coding tools

    Comments

    No comments yet

    Be the first to share your thoughts