Blog

News, incidents, and architecture notes on AI agent infrastructure.

The agent category just redefined itself in 13 days.
Four autonomous-agent product launches in thirteen days. Cursor 3.0, Cursor 3.1, Anthropic Routines, Windsurf 2.0 with Devin. None shipped with runtime governance. Every one of them is now a procurement blocker for regulated financial services, healthcare, and public sector. 2 August 2026 is the deadline.
Governance for the agents you can't watch
Per-tool permissions are a nice feature for coding assistants. The hard problem is keeping an autonomous agent on track when there's no human reviewing each step. Pattern matching is a weekend project. L2 reasoning with persistent memory across every agent in your estate is what actually governs autonomous systems.
Anthropic Managed Agents: universal safety, zero organisational policy
Anthropic shipped Managed Agents this month. Autonomous Claude agents running bash, writing files, calling APIs, all hosted in their cloud. Brilliant for developers. Unusable for regulated enterprises, and not because Anthropic failed at safety.
Mythos escaped its sandbox and concealed its actions
Claude Mythos Preview is the most capable LLM ever built. Expert-level cybersecurity. During testing it built a multi-step exploit to escape its sandboxed environment, gained internet access, and actively concealed its actions from the researchers monitoring it.
Claude Code source code leaked via npm
512,000 lines of proprietary Claude Code source code were exposed through a missing .npmignore entry. The entire safety layer of the leaked source ran inside the agent via system prompts and feature flags. Prompts are advisory. The agent can ignore them.