Weekly AI Dev News Digest: March 23-27, 2026

March 27, 2026·Founder at EveryDev.ai

Sora is done. OpenAI announced on Tuesday that it's shutting down the app, the API, and video generation in ChatGPT. The Disney licensing deal, which was supposed to be a billion-dollar bet on AI video, dissolved before money even changed hands. Turns out burning $15 million a day on inference with almost no revenue is not a viable business, even for OpenAI. The compute is being redirected toward robotics and AGI research. On the other side of the agentic arms race, Anthropic shipped computer use, auto mode, auto-fix PRs, mobile app integrations, and Claude Code Channels in a single week. If you lost track of what Claude can do between Monday and Friday, you're not alone.

The security section this week is unusually loaded. A threat actor called TeamPCP chained compromises from Trivy to Checkmarx to LiteLLM, planting credential harvesters and Kubernetes backdoors in a package that gets 3.4 million downloads a day. Georgia Tech researchers counted 35 CVEs from AI-generated code in March, nearly six times January's count. The FCC banned foreign-made routers entirely. And Cursor's Composer 2 turned into a transparency controversy when a developer found Moonshot AI's Kimi K2.5 model ID sitting in plain sight in the API traffic. The week's throughline: we're building faster than we can verify, and both the attack surface and the governance tooling are expanding to match.

OpenAI Kills Sora, Disney Deal Collapses

Sora is dead. OpenAI is shutting down the app, the API, and ChatGPT video generation. Six months in, Sora was burning about $15 million a day on inference, with total revenue of only $2.1 million. Downloads dropped 66% from the peak. Disney's $1 billion investment and three-year licensing deal ended before any money moved. OpenAI says the Sora team will shift to world simulation research for robotics. (TechCrunch, Axios, CNN)
OpenAI is buying companies faster. They've made 17 acquisitions since 2023, with 6 already in 2026, almost as many as all of last year. The latest: Astral (Python dev tools, March 19) and Promptfoo (AI security testing, March 9). Even after raising $110 billion in February, HSBC projects a $207 billion funding gap by 2030. (Crunchbase)

Anthropic Ships Computer Use, Auto Mode, and Mobile Apps

Claude can now control your Mac. Computer use launched in Cowork and Claude Code on March 23 as a research preview for Pro and Max plans. Claude can open files, navigate browsers, fill spreadsheets, and run dev tools, no setup needed. It pairs with Dispatch, so you can assign tasks from your phone and return to finished work on your desktop. (CNBC, 9to5Mac)
Claude Code auto mode solves the permission prompt problem. Instead of approving every file write or skipping permissions, auto mode uses an AI safety layer to review each action before it runs. It checks for destructive behavior and prompt injection. Available now for Teams as a research preview; Enterprise and API support are coming. Works with Sonnet 4.6 and Opus 4.6 only. Anthropic recommends using sandboxed environments. (TechCrunch)
Claude Code can now auto-fix pull requests. When a CI check fails or a reviewer leaves a comment, Claude investigates and pushes a fix if one is clear. Works on PRs created in Claude Code on the web, from mobile, or any existing PR by pasting the URL. Requires the Claude GitHub App on your repo. (Claude Code Docs)
Claude Code Channels connects your terminal to Discord and Telegram. You can now text Claude Code both ways through chat platforms. The Channels feature expanded to Teams and Enterprise plans on March 24. Cloud-scheduled tasks now run on Anthropic-managed infrastructure, even when your machine is off. (Silicon Republic)
Interactive apps are now on Claude mobile. The iOS and Android apps connect to Figma, Canva, Amplitude, and other tools. You can pull up live charts, create presentations, and check analytics dashboards from a chat interface on your phone. Anthropic is also working on 'Orbit,' a feature for deeper smartphone access like creating calendar events and making calls. (Anthropic Release Notes, Storyboard18)
Claude Code v2.1.52 adds the --bare flag and several fixes. The --bare flag skips hooks, LSP, plugin sync, and skill directory walks for scripted calls, making SDK-pattern usage about 14% faster. Other updates: --channels permission relay to send tool approval prompts to your phone, effort frontmatter support for skills, and a rate_limits field in statusline scripts. Multiple fixes for OAuth, voice mode, session resume, and MCP timeouts. (Anthropic Release Notes)

Security

LiteLLM supply chain attack is the biggest AI infrastructure breach of the year. Threat actor TeamPCP backdoored PyPI versions 1.82.7 and 1.82.8 on March 24 with a three-stage payload: credential harvester (SSH keys, cloud creds, crypto wallets, .env files), Kubernetes lateral movement toolkit, and persistent systemd backdoor. The attack cascaded from a compromised Trivy GitHub Action through Checkmarx KICS to LiteLLM. The package gets ~3.4M downloads/day and is present in 36% of cloud environments. Packages were live for about 3 hours before PyPI quarantined them. TeamPCP claims a partnership with LAPSUS$. (The Hacker News, Snyk, Datadog Security Labs)
FCC bans all new foreign-made consumer routers. The order, effective March 23, adds all consumer routers manufactured outside the US to the FCC's Covered List, blocking new models from certification and sale. Existing devices are grandfathered. Exceptions require approval from the Department of War or DHS. The FCC cited China-backed groups Volt Typhoon, Salt Typhoon, and Flax Typhoon. China produces roughly 60% of the global router market. TP-Link is particularly affected. (TechCrunch, FCC FAQ)
Langflow CVE-2026-33017 was exploited within 20 hours of disclosure. No public proof-of-concept existed when attacks began. The critical RCE flaw (CVSS 9.3) in the open-source AI platform allows unauthenticated code execution. CISA added it to the KEV catalog with a patch deadline of April 8. The median time-to-exploit continues to shrink; Rapid7's 2026 report puts it at just 5 days from publication to inclusion in KEV. (The Hacker News)
Georgia Tech researchers tracked 35 new CVEs in March from AI-generated code. That's up from 6 in January and 15 in February. They monitor about 50 coding assistants (Claude Code, Copilot, Cursor, Devin, Windsurf, Amazon Q, and others) with a Vibe Security Radar dashboard. The pattern is clear: as AI writes more production code, the vulnerability surface grows. (Infosecurity Magazine)
New security tools now target AI-generated code. Black Duck launched Signal, a security tool built for AI-generated code in developer workflows. Apiiro released AI-powered threat modeling that works on a code-to-runtime graph, replacing the old spreadsheet-and-diagram approach during design. Both shipped the week of March 22-23. (Help Net Security, GlobeNewsWire)

Developer Platforms and Tools

Cursor was caught using Moonshot AI's Kimi K2.5 without attribution. A developer found the model ID 'kimi-k2p5-rl-0317-s515-fast' in Cursor's API traffic on March 19. Cursor's VP Lee Robinson acknowledged the open-source base but said about 25% of compute came from Kimi, with the rest from proprietary training. The issue: Kimi K2.5's license requires prominent UI attribution for products making over $20 million a month. Cursor is estimated at $166 million per month. Co-founder Aman Sanger called the omission 'a miss.' (TechCrunch, VentureBeat)
MCP now has over 97 million installs. Every major AI provider, OpenAI, Google, xAI, Mistral, Cohere, ships MCP-compatible tools. The server registry lists over 4,000 published servers. The MCP working group published Security Standard v1.1 in March, covering prompt injection, server authentication, and scope limits. Sixteen months from launch to near-universal adoption. (Digital Applied)
OpenAI Codex now has a plugin system with Slack, Figma, Notion, and Gmail. Plugins are installable bundles that package skills, app integrations, and MCP server configs into shareable, versioned units. They work across the Codex app, CLI, and IDE extensions. An official directory is live; self-serve publishing is coming. Codex now has over 1.6 million weekly active users. (OpenAI Developers, Neowin)
JetBrains launched Central, a governance layer for managing AI coding agents at scale. Announced March 24, Central connects IDEs, CLIs, pipelines, and team tools into one system for running, monitoring, and governing agent workflows. It supports JetBrains agents, plus Claude, Codex, and Gemini CLI. In a survey of 11,000 developers, 90% already use AI at work, but only 22% use coding agents; 66% plan to adopt them within a year. JetBrains is retiring Code With Me (pair programming) to fund AI features. EAP launches Q2 2026. (JetBrains Blog, The Register)

AI Products

Google released Lyria 3 Pro for AI music generation up to 3 minutes. The model understands musical composition well enough to prompt for intros, verses, choruses, and bridges. It's available on Vertex AI (public preview), Google AI Studio, Gemini API, Google Vids, the Gemini app (for paid subscribers), and ProducerAI. All outputs have SynthID watermarking. (Google Blog)
Gemini now has tools to import chats and memories from ChatGPT and Claude. Users can upload ZIP exports of their conversation history (up to 5GB) and use a prompt-based memory import to transfer preferences and personal context. Imported chats show up in Gemini's sidebar and are searchable. Anthropic shipped a similar memory import for Claude three weeks earlier. Not yet available in the EEA, UK, or Switzerland. (Google Blog, TechCrunch)
Google Research published TurboQuant, a quantization method that shrinks LLM memory by roughly 6x with zero accuracy loss. Published March 24, TurboQuant eliminates the memory overhead that traditional quantization introduces by removing the need to store full-precision quantization constants for every data block. Google says it's already been deployed internally for over a year, recovering 0.7% of Google's worldwide computing resources and speeding up a key kernel in Gemini's architecture by 23%. The paper also covers applications to vector search engines. (Google Research)

Funding

Harvey raises $200M at $11B valuation for legal AI. Co-led by existing investors GIC and Sequoia. The funds go toward expanding AI agents and growing embedded legal engineering teams. (Bloomberg)
Kleiner Perkins raises $3.5B across two funds. $1B for KP22 (early-stage) and $2.5B targeted for growth-stage investments. (Crunchbase)

Weekend Reading

"Escaping the Velocity Trap." The Sonar 2026 State of Code survey (1,100+ developers) found that 96% don't fully trust AI-generated code, and 38% say reviewing it takes more cognitive effort than reviewing human-written code. GitClear's analysis of 211 million lines found AI tools produce four times more code clones, less refactoring (down from 25% to under 10% of changed lines), and 1.7 times more logical bugs. The pattern: time saved generating code gets spent debugging and verifying massive, complex PRs. Senior engineers are becoming editors instead of writers, and teams are adding multi-agent validation layers before human sign-off. Some enterprises now track 'AI-attributed regressions' as a metric. (Sonar Summit 2026)

Recommended

Inside Look at Using Claude Code Remote Control

Anthropic's Remote Control, currently in research preview, adds a third option for Claude Code users who need to step away mid-session. Your session keeps running on your machine while your phone becomes a window into it…

About the Author

Joe Seifi

Founder at EveryDev.ai

Apple, Disney, Adobe, Eventbrite, Zillow, Affirm. I've shipped frontend at all of them. Now I build and write about AI dev tools: what works, what's hype, and what's worth your time.

Comments

No comments yet

Be the first to share your thoughts!

Weekly AI Dev News Digest: March 23-27, 2026

Joe Seifi

March 27, 2026·Founder at EveryDev.ai

OpenAI Kills Sora, Disney Deal Collapses

Sora is dead. OpenAI is shutting down the app, the API, and ChatGPT video generation. Six months in, Sora was burning about $15 million a day on inference, with total revenue of only $2.1 million. Downloads dropped 66% from the peak. Disney's $1 billion investment and three-year licensing deal ended before any money moved. OpenAI says the Sora team will shift to world simulation research for robotics. (TechCrunch, Axios, CNN)
OpenAI is buying companies faster. They've made 17 acquisitions since 2023, with 6 already in 2026, almost as many as all of last year. The latest: Astral (Python dev tools, March 19) and Promptfoo (AI security testing, March 9). Even after raising $110 billion in February, HSBC projects a $207 billion funding gap by 2030. (Crunchbase)

Anthropic Ships Computer Use, Auto Mode, and Mobile Apps

Claude can now control your Mac. Computer use launched in Cowork and Claude Code on March 23 as a research preview for Pro and Max plans. Claude can open files, navigate browsers, fill spreadsheets, and run dev tools, no setup needed. It pairs with Dispatch, so you can assign tasks from your phone and return to finished work on your desktop. (CNBC, 9to5Mac)
Claude Code auto mode solves the permission prompt problem. Instead of approving every file write or skipping permissions, auto mode uses an AI safety layer to review each action before it runs. It checks for destructive behavior and prompt injection. Available now for Teams as a research preview; Enterprise and API support are coming. Works with Sonnet 4.6 and Opus 4.6 only. Anthropic recommends using sandboxed environments. (TechCrunch)
Claude Code can now auto-fix pull requests. When a CI check fails or a reviewer leaves a comment, Claude investigates and pushes a fix if one is clear. Works on PRs created in Claude Code on the web, from mobile, or any existing PR by pasting the URL. Requires the Claude GitHub App on your repo. (Claude Code Docs)
Claude Code Channels connects your terminal to Discord and Telegram. You can now text Claude Code both ways through chat platforms. The Channels feature expanded to Teams and Enterprise plans on March 24. Cloud-scheduled tasks now run on Anthropic-managed infrastructure, even when your machine is off. (Silicon Republic)
Interactive apps are now on Claude mobile. The iOS and Android apps connect to Figma, Canva, Amplitude, and other tools. You can pull up live charts, create presentations, and check analytics dashboards from a chat interface on your phone. Anthropic is also working on 'Orbit,' a feature for deeper smartphone access like creating calendar events and making calls. (Anthropic Release Notes, Storyboard18)
Claude Code v2.1.52 adds the --bare flag and several fixes. The --bare flag skips hooks, LSP, plugin sync, and skill directory walks for scripted calls, making SDK-pattern usage about 14% faster. Other updates: --channels permission relay to send tool approval prompts to your phone, effort frontmatter support for skills, and a rate_limits field in statusline scripts. Multiple fixes for OAuth, voice mode, session resume, and MCP timeouts. (Anthropic Release Notes)

Security

LiteLLM supply chain attack is the biggest AI infrastructure breach of the year. Threat actor TeamPCP backdoored PyPI versions 1.82.7 and 1.82.8 on March 24 with a three-stage payload: credential harvester (SSH keys, cloud creds, crypto wallets, .env files), Kubernetes lateral movement toolkit, and persistent systemd backdoor. The attack cascaded from a compromised Trivy GitHub Action through Checkmarx KICS to LiteLLM. The package gets ~3.4M downloads/day and is present in 36% of cloud environments. Packages were live for about 3 hours before PyPI quarantined them. TeamPCP claims a partnership with LAPSUS$. (The Hacker News, Snyk, Datadog Security Labs)
FCC bans all new foreign-made consumer routers. The order, effective March 23, adds all consumer routers manufactured outside the US to the FCC's Covered List, blocking new models from certification and sale. Existing devices are grandfathered. Exceptions require approval from the Department of War or DHS. The FCC cited China-backed groups Volt Typhoon, Salt Typhoon, and Flax Typhoon. China produces roughly 60% of the global router market. TP-Link is particularly affected. (TechCrunch, FCC FAQ)
Langflow CVE-2026-33017 was exploited within 20 hours of disclosure. No public proof-of-concept existed when attacks began. The critical RCE flaw (CVSS 9.3) in the open-source AI platform allows unauthenticated code execution. CISA added it to the KEV catalog with a patch deadline of April 8. The median time-to-exploit continues to shrink; Rapid7's 2026 report puts it at just 5 days from publication to inclusion in KEV. (The Hacker News)
Georgia Tech researchers tracked 35 new CVEs in March from AI-generated code. That's up from 6 in January and 15 in February. They monitor about 50 coding assistants (Claude Code, Copilot, Cursor, Devin, Windsurf, Amazon Q, and others) with a Vibe Security Radar dashboard. The pattern is clear: as AI writes more production code, the vulnerability surface grows. (Infosecurity Magazine)
New security tools now target AI-generated code. Black Duck launched Signal, a security tool built for AI-generated code in developer workflows. Apiiro released AI-powered threat modeling that works on a code-to-runtime graph, replacing the old spreadsheet-and-diagram approach during design. Both shipped the week of March 22-23. (Help Net Security, GlobeNewsWire)

Developer Platforms and Tools

Cursor was caught using Moonshot AI's Kimi K2.5 without attribution. A developer found the model ID 'kimi-k2p5-rl-0317-s515-fast' in Cursor's API traffic on March 19. Cursor's VP Lee Robinson acknowledged the open-source base but said about 25% of compute came from Kimi, with the rest from proprietary training. The issue: Kimi K2.5's license requires prominent UI attribution for products making over $20 million a month. Cursor is estimated at $166 million per month. Co-founder Aman Sanger called the omission 'a miss.' (TechCrunch, VentureBeat)
MCP now has over 97 million installs. Every major AI provider, OpenAI, Google, xAI, Mistral, Cohere, ships MCP-compatible tools. The server registry lists over 4,000 published servers. The MCP working group published Security Standard v1.1 in March, covering prompt injection, server authentication, and scope limits. Sixteen months from launch to near-universal adoption. (Digital Applied)
OpenAI Codex now has a plugin system with Slack, Figma, Notion, and Gmail. Plugins are installable bundles that package skills, app integrations, and MCP server configs into shareable, versioned units. They work across the Codex app, CLI, and IDE extensions. An official directory is live; self-serve publishing is coming. Codex now has over 1.6 million weekly active users. (OpenAI Developers, Neowin)
JetBrains launched Central, a governance layer for managing AI coding agents at scale. Announced March 24, Central connects IDEs, CLIs, pipelines, and team tools into one system for running, monitoring, and governing agent workflows. It supports JetBrains agents, plus Claude, Codex, and Gemini CLI. In a survey of 11,000 developers, 90% already use AI at work, but only 22% use coding agents; 66% plan to adopt them within a year. JetBrains is retiring Code With Me (pair programming) to fund AI features. EAP launches Q2 2026. (JetBrains Blog, The Register)

AI Products

Google released Lyria 3 Pro for AI music generation up to 3 minutes. The model understands musical composition well enough to prompt for intros, verses, choruses, and bridges. It's available on Vertex AI (public preview), Google AI Studio, Gemini API, Google Vids, the Gemini app (for paid subscribers), and ProducerAI. All outputs have SynthID watermarking. (Google Blog)
Gemini now has tools to import chats and memories from ChatGPT and Claude. Users can upload ZIP exports of their conversation history (up to 5GB) and use a prompt-based memory import to transfer preferences and personal context. Imported chats show up in Gemini's sidebar and are searchable. Anthropic shipped a similar memory import for Claude three weeks earlier. Not yet available in the EEA, UK, or Switzerland. (Google Blog, TechCrunch)
Google Research published TurboQuant, a quantization method that shrinks LLM memory by roughly 6x with zero accuracy loss. Published March 24, TurboQuant eliminates the memory overhead that traditional quantization introduces by removing the need to store full-precision quantization constants for every data block. Google says it's already been deployed internally for over a year, recovering 0.7% of Google's worldwide computing resources and speeding up a key kernel in Gemini's architecture by 23%. The paper also covers applications to vector search engines. (Google Research)

Funding

Harvey raises $200M at $11B valuation for legal AI. Co-led by existing investors GIC and Sequoia. The funds go toward expanding AI agents and growing embedded legal engineering teams. (Bloomberg)
Kleiner Perkins raises $3.5B across two funds. $1B for KP22 (early-stage) and $2.5B targeted for growth-stage investments. (Crunchbase)

Weekend Reading

"Escaping the Velocity Trap." The Sonar 2026 State of Code survey (1,100+ developers) found that 96% don't fully trust AI-generated code, and 38% say reviewing it takes more cognitive effort than reviewing human-written code. GitClear's analysis of 211 million lines found AI tools produce four times more code clones, less refactoring (down from 25% to under 10% of changed lines), and 1.7 times more logical bugs. The pattern: time saved generating code gets spent debugging and verifying massive, complex PRs. Senior engineers are becoming editors instead of writers, and teams are adding multi-agent validation layers before human sign-off. Some enterprises now track 'AI-attributed regressions' as a metric. (Sonar Summit 2026)

Recommended

Inside Look at Using Claude Code Remote Control

About the Author

Joe Seifi

Founder at EveryDev.ai

Apple, Disney, Adobe, Eventbrite, Zillow, Affirm. I've shipped frontend at all of them. Now I build and write about AI dev tools: what works, what's hype, and what's worth your time.

Comments

No comments yet

Be the first to share your thoughts!