Tencent has announced that PayPal users will be able to make cashless payments in China by scanning QR codes through WeChat Pay’s merchant network. The integration, which will be available to US-based PayPal users first with more markets to follow, connects PayPal’s 400 million-plus user base to the payment infrastructure that covers virtually every taxi, restaurant, and shop in mainland China.

The move addresses a specific pain point. China’s economy runs on mobile payments, with WeChat Pay and Ant Group’s Alipay processing trillions of dollars in transactions annually. Foreign visitors who arrive without access to either platform often find themselves unable to pay for basic goods and services, since many Chinese merchants no longer accept cash and few accept international credit cards at the point of sale. Both WeChat Pay and Alipay have allowed foreigners to link international bank cards since 2019, but adoption has been limited by a cumbersome onboarding process that requires downloading Chinese apps and navigating interfaces designed for domestic users.

Why PayPal matters

PayPal integration sidesteps the onboarding problem entirely. A US tourist arriving in Beijing does not need to download WeChat, create an account, or link a bank card to a Chinese payment platform. They scan a WeChat Pay QR code with their existing PayPal app, the transaction processes through WeChat Pay’s merchant network, and the charge appears on their PayPal balance or linked card. The friction reduction is significant for a demographic that currently struggles with China’s cashless infrastructure.

Tencent is also waiving transaction fees for first-time users who link international bank cards directly to WeChat, a separate incentive aimed at encouraging deeper integration beyond the PayPal pathway. The company reported that foreign traveller transactions in China jumped nearly 80% year on year in the January-to-April period of 2026, suggesting that China’s broader tourism push is already driving payment volume growth.

China’s tourism strategy

The PayPal deal is part of a coordinated effort by Beijing to attract more foreign tourists after the pandemic-era collapse in international arrivals. China has expanded visa-free access to travellers from dozens of countries, including the UK, Spain, and Australia, though US travellers still require a visa except for brief transits to third countries.

The strategy is working by the numbers. Foreign visitors to China, excluding those from Hong Kong and Taiwan, surpassed 35 million in 2025, exceeding the pre-pandemic record of nearly 32 million set in 2019. Tourism contributed more than 4% of China’s GDP in 2024. China’s approach to technology adoption has created an economy where digital infrastructure is more advanced than in most Western countries, but that very advancement creates barriers for visitors who are not part of the domestic digital ecosystem.

Gary Ng, a senior economist for Asia Pacific at French bank Natixis, said the move aligns with a global trend of payment platform integration through mutually recognised cross-border QR codes. The same dynamic is playing out in Southeast Asia, where Singapore, Thailand, and Malaysia have established bilateral QR code payment links.

Limited near-term impact

The practical significance of the PayPal integration depends on the volume of US travellers to China, which remains relatively low compared to pre-pandemic levels and is further constrained by the ongoing visa requirement. Ivan Su, a senior equity analyst at Morningstar, said the initial impact may be limited in terms of overall benefit for Tencent given those volumes.

The competitive dynamic between WeChat Pay and Alipay adds another dimension. As fintech platforms globally expand into cross-border payments, both Chinese platforms are racing to be the preferred gateway for foreign visitors. Alipay has its own international partnerships and has been more aggressive in marketing to tourists through in-app translation features and curated city guides. Alibaba’s broader technology ambitions give Alipay a parent company with deep resources to invest in cross-border payment infrastructure.

For Tencent, the PayPal deal is less about immediate revenue and more about positioning WeChat Pay as the default payment rail for international visitors. Chinese platform companies are navigating a regulatory environment that encourages international engagement while maintaining domestic control over data and financial flows. Connecting PayPal to WeChat Pay’s merchant network threads that needle, giving foreign users access to the payment infrastructure without giving them direct access to the underlying Chinese financial system.

AI + ML

First it tops OpenAI’s valuation, then it beats Altman to the IPO punch

Anthropic has beaten OpenAI to the IPO punch, just days after its latest private funding round eclipsed its top rival’s valuation, setting up a showdown that could pump more air into – or finally pop – the AI bubble.

Anthropic said Monday in a press release that it had filed a confidential S-1 form with the US Securities and Exchange Commission, setting the stage for an eventual initial public offering of shares in the world’s (currently) most valuable AI startup. Given it’s a confidential filing, Anthropic shared little information and declined to answer questions on the matter.

“The proposed initial public offering will depend on market conditions and other factors,” Anthropic said in the announcement. “The number of shares to be offered and the price have not yet been set.”

Those market conditions could look like anything by the time the SEC finishes reviewing the filing and it’s made available to the public for scrutiny, but the winds inflating the AI bubble are currently blowing in Anthropic’s favor.

The company reported last week that it completed a $65 billion series H funding round, pushing its post-money valuation to $965 billion, sending it rocketing past OpenAI’s most recently-reported valuation of $852 billion, which at the time was the highest-ever valuation of a pre-IPO tech company.

With Anthropic now on the top of the heap, it’s a perfect time to file an IPO prospectus before Altman and company steal the lead back. That said, Anthropic has made some clever choices that have put it atop the heap for now.

Claude Code has done wonders for Anthropic’s reputation as the more useful of the pair, which is backed up by the fact that Anthropic reportedly earns more in revenue despite having a fraction of OpenAI’s user base.

Of course, that doesn’t mean Anthropic’s valuation is realistic, nor that it’s actually posting a profit. According to a recent story in the Wall Street Journal, Anthropic is on the verge of reporting its first quarter of operating profit, according to people at the company who spoke anonymously. The Journal also notes that, as a private company, Anthropic isn’t required to post financials or report numbers any more realistic than what one would get with any good ass-pull – the word “profit” could exclude all sorts of expenses. Toss in an active Series H round (the WSJ piece was published prior to Anthropic announcing its recent valuation) and a looming IPO, and the realism of that profitability figure is questionable.

We won’t be able to accurately assess the state of Anthropic’s finances until that IPO filing becomes public, which could end up serving as the first real look behind the shroud of fiscal secrecy that AI firms have operated behind.

If Anthropic’s numbers look anything like what SpaceX’s IPO filing revealed (i.e., ridiculous valuations on top of massive losses) it could cause the AI bubble to start looking even flimsier than it already does. ®

Apple Card users who subscribe to Uber One can now earn up to $30 in Uber Cash on eligible Uber Eats grocery and retail purchases. Here’s how to get it.

The promotion provides up to $30 in Uber Cash through August 31. Uber One members can earn $10 on one qualifying order each month in June, July, and August when they pay with Apple Card in the Uber Eats app.

Eligible purchases include groceries, health and beauty products, pet supplies, and other retail items available through Uber Eats. Uber Cash earned through the promotion can be used on future Uber Eats orders.

The promotion expands the benefits available to Apple Card users who regularly use Uber’s services. Customers who already subscribe to Uber One and place grocery or retail orders through Uber Eats can combine the monthly Uber Cash bonus with the card’s existing rewards.

The offer is separate from Apple Card’s standard rewards program. Customers who use Apple Card with Apple Pay for Uber and Uber Eats purchases continue to receive 3% Daily Cash on eligible transactions.

Uber and Uber Eats are among the temporary merchants that offer 3% Daily Cash on eligible Apple Pay purchases made with Apple Card. Participating, long-term partners, include Nike, Ace Hardware, Hertz, Walgreens, and Exxon Mobil.

Uber One is the company’s subscription service that includes benefits such as discounts on eligible orders and reduced delivery fees. Apple Card customers are also eligible for a six-month Uber One trial when signing up with Apple Card and Apple Pay.

After the trial period ends, the subscription automatically renews at Uber’s standard monthly rate unless canceled.

Atlas Menu, a cheat service for Grand Theft Auto V’s online mode, has been hacked, exposing the personal data of nearly 64,000 users. The stolen data included email addresses, usernames, hashed passwords, IP addresses, and support tickets, according to data breach notification service Have I Been Pwned. The breach was claimed by a hacker whose stated motivation was revenge against a scammer, and the allegedly stolen data was posted publicly to GitHub.

The irony is difficult to miss. Atlas Menu marketed itself on security, promising users “secure authentication and enhanced privacy through our advanced encryption techniques,” according to its official website, which was archived before going offline. The service sold features that gave GTA V players unfair advantages: invisibility, super jumps, the ability to fly through the map, and other modifications to Rockstar Games’ online multiplayer environment.

A multi-million dollar shadow industry

Game cheats have evolved from hobbyist projects into a multi-million dollar commercial market. Professional and semi-professional gamers pay for software that provides advantages over competitors, while casual players use cheats to bypass progression systems or grief other users. Services like Atlas Menu operated in a legal grey area, selling tools that violate most games’ terms of service but are not themselves illegal in most jurisdictions.

The breach exposes users to potential embarrassment and further security risks. Email addresses tied to gaming accounts often overlap with primary personal accounts, meaning that users who signed up for a cheat service with the same credentials they use elsewhere now face credential-stuffing attacks. The hashed passwords provide some protection, but depending on the hashing algorithm used, determined attackers could crack weaker passwords.

Atlas Menu is not the first cheat service to be breached. A popular cheat service for Counter-Strike: Global Offensive was hacked several years ago in a similar incident. The GTA franchise has been a recurring target for security incidents, from the 2023 GTA VI trailer leak traced to a Rockstar developer’s son to repeated exploits targeting GTA Online’s peer-to-peer networking architecture.

The enforcement gap

The breach highlights a structural problem in gaming security. Cheat services operate with minimal accountability: their operators are often anonymous, their infrastructure is disposable, and their users have no recourse when things go wrong. Unlike enterprise software vendors that face regulatory and contractual obligations to protect customer data, cheat service operators answer to no one.

Rockstar Games has invested heavily in anti-cheat systems for GTA Online, but the persistence of services like Atlas Menu demonstrates the limits of technical enforcement against a motivated and commercially incentivised cheating ecosystem. Law enforcement has targeted some gaming-adjacent cybercrime operations, but cheat services rarely rise to the level of criminal prosecution unless they involve direct financial fraud or intellectual property theft at scale.

The owners of Atlas Menu could not be reached for comment. The site remains offline.

For years, a unit of Russia’s military intelligence agency quietly turned ordinary home routers into tools of espionage. The GRU group known as APT28, the same outfit behind the 2016 DNC hack and a string of attacks on NATO targets, exploited unpatched firmware and unchanged default passwords to compromise thousands of devices across 23 US states, redirecting internet traffic through servers under Russian control and harvesting credentials along the way. Federal agents disrupted the operation in April under a court order. What they couldn’t do from a distance was fix the underlying vulnerabilities. That requires five steps from you.

The attack targeted small-office/home-office routers, also known as SOHO routers, and was carried out by a unit in the Russian military intelligence agency, the GRU. Government agencies are urging people to follow basic router hygiene steps, such as updating to the latest firmware and changing default login credentials. The UK’s National Cyber Security Centre includes a number of TP-Link routers specifically targeted by the hackers.

While that news sounds pretty alarming, it’s worth keeping in mind that the attack compromised enterprise routers specifically, so your home Wi-Fi router likely isn’t at risk. That said, some of the affected routers can be used as standard home routers, so it’s worth checking whether your model was exploited in the attack.

“There is a big trend of exploiting routers these days, and that goes both for the consumer and enterprise or corporate routers,” Daniel Dos Santos, vice president of research at the cybersecurity company Forescout, told CNET.

What type of attack is this?

A news release from the NSA notes that the attack indiscriminately targeted a wide pool of routers, with the goal of gathering information on “military, government, and critical infrastructure.”

This attack is linked to threat actors within the Russian GRU — which go by APT28, Fancy Bear, Forest Blizzard and other names — and has been ongoing since at least 2024, according to the FBI. 

It’s known as a Domain Name System hijacking operation, in which DNS requests are intercepted by changing the default network configurations on SOHO routers, allowing the actors to see a user’s traffic unencrypted. 

“For nation-state actors like Forest Blizzard, DNS hijacking enables persistent, passive visibility and reconnaissance at scale,” says a Microsoft Threat Intelligence report on the attack. 

Microsoft identified more than 200 organizations and 5,000 consumer devices impacted by the GRU’s attack. 

Which routers were affected?

The FBI’s announcement refers to one router specifically, the TP-Link TL-WR841N, a Wi-Fi 4 model that was originally released in 2007. The UK’s National Cyber Security Centre lists 23 TP-Link models that were targeted, but notes that it is likely not exhaustive.

Here is the list of affected devices:

• TP-Link LTE Wireless N Router MR6400
• TP-Link Wireless Dual Band Gigabit Router Archer C5
• TP-Link Wireless Dual Band Gigabit Router Archer C7
• TP-Link Wireless Dual Band Gigabit Router WDR3600
• TP-Link Wireless Dual Band Gigabit Router WDR4300
• TP-Link Wireless Dual Band Router WDR3500
• TP-Link Wireless Lite N Router WR740N
• TP-Link Wireless Lite N Router WR740N/WR741ND
• TP-Link Wireless Lite N Router WR749N
• TP-Link Wireless N 3G/4G Router MR3420
• TP-Link Wireless N Access Point WA801ND
• TP-Link Wireless N Access Point WA901ND
• TP-Link Wireless N Gigabit Router WR1043ND
• TP-Link Wireless N Gigabit Router WR1045ND
• TP-Link Wireless N Router WR840N
• TP-Link Wireless N Router WR841HP
• TP-Link Wireless N Router WR841N
• TP-Link Wireless N Router WR841N/WR841ND
• TP-Link Wireless N Router WR842N
• TP-Link Wireless N Router WR842ND
• TP-Link Wireless N Router WR845N
• TP-Link Wireless N Router WR941ND
• TP-Link Wireless N Router WR945N

A TP-Link Systems spokesperson told CNET in a statement that the affected models all reached End of Service and Life status several years ago.

“While these products are outside our standard maintenance lifecycle, TP‑Link has developed security updates for select legacy models where technically feasible,” the spokesperson said. 

TP-Link is urging people with these outdated routers to upgrade to a newer device if possible. You can find a list of available security patches on its security advisory page addressing the recent attack. 

How to keep your router safe

The NSA referred organizations to a list of best practices for securing your home network. The most important thing you can do if you’re using one of the impacted devices is to upgrade your router as soon as possible. It likely hasn’t received firmware updates in years, which is like leaving the door to your network unlocked. 

“The longer you carry on doing that, the greater the risk,” said Rik Ferguson, vice president of security intelligence at Forescout. “The router sits in such a privileged position within any network. All of your communication, all of your traffic, has to pass through that device.”

In addition to using a newer device that’s still getting security updates, there are a few other steps you can take to lock down your network: 

• Update your firmware regularly: Many networking devices allow you to enable automatic firmware updates in the settings. If this is an option, I’d highly recommend doing it. If it’s not, you can find updates for your router by logging into its web interface or using its app.
• Reboot your router: The NSA’s guidance recommends rebooting your router, smartphone and computers at least once a week. “Regular reboots help to remove implants and ensure security,” the agency says. 
• Change default usernames and passwords: One of the most common ways hackers gain access is by trying default, manufacturer-set login credentials. “There’s a whole underground economy that underlies all of that,” says Ferguson. “Basically, they just harvest credentials, either through attacks of their own, or by stockpiling them from other sources and buying them.” This username and password combination is different from your Wi-Fi login, which should also be changed every six months or so. The longer and more random your password, the better. 
• Disable remote management: Most regular users don’t need to remotely manage their Wi-Fi router, and this is one of the primary ways threat actors can change your router’s settings without your knowledge. You can typically find this option in your router’s admin settings. 
• Use a VPN: The FBI’s announcement on the attack specifically recommends that organizations with remote workers use a VPN when accessing sensitive data. These services encrypt your traffic as it passes through a remote server, keeping it safe from hackers.

‘The End of Oak Street’ opens with a quiet drive down a familiar street that turns into something no one could have prepared for. The Platt family heads out as usual until the road simply stops. Instead of continuing into town, it ends at a cliff that drops away into an entirely different landscape. Their neighborhood has moved, and nothing around them matches the world they left behind.

Confusion spreads like wildfire among the people, as Denise Platt, played by Anne Hathaway, tries to make sense of what’s going on for her son, who is asking the question that everyone is asking: what in the world is going on. She informs him that their house, street, and almost everything else has moved overnight. The family quickly realises they are not the only ones in this strange new environment. A deafening roar cuts through the air, and the first massive dinosaur appears where lawns and mailboxes used to be the edge of safety.

Sale

Anker Nebula P1i Portable Projector with WiFi and Bluetooth by soundcore, Flippable Design,1080P FHD, 4K…

• Flippable Audio Magic: Rotate the 20W (2 x 10W) Dolby Audio speakers 90° side to side or 200° up and down for sound that follows your vibe, perfect…
• True Brightness, Real Clarity: Enjoy lifelike details with TÜV‑certified 380 ANSI lumens and 1080p Full HD resolution that make every movie night…
• Designed for Consistent Viewing: All‑glass lenses and fully sealed optical engine resist dust and wear, keeping every frame crisp and clear even…

The Platts and their neighbors are then put on a merry-go-round that is constantly in motion. More and more dinosaurs start to arrive & suddenly the transplanted suburban blocks turn into an open hunting ground. Backyards, driveways, and living rooms, where the youngsters used to play, have become part of the danger zone. Denise and Greg, played by Ewan McGregor, make every decision with one thing in mind: keeping their two children alive. Christian Convery and Maisy Stella bring the children to life, and the fact that they are always in danger makes each close encounter much more horrifying.

David Robert Mitchell wrote and directed the film. He reunited with several frequent collaborators, including cinematographer Michael Gioulakis, production designer Maya Shimoguchi, editor John Axelrad, and composer Michael Giacchino. Their work together gives the story a consistent feel that blends everyday neighborhood details with the scale of prehistoric creatures moving through them.

J.J. Abrams is producing through his Bad Robot company, alongside Hannah Minghella and a few others. Warner Bros. Pictures are set to release it in theaters and IMAX on August 14. This one screams J.J. Abrams, with its huge, mysterious, event-scaled scope, yet it’s also firmly grounded in one family’s desperate effort to make it through each day.

Anthropic has confidentially submitted draft registration paperwork for an initial public offering with the Securities and Exchange Commission, the company announced in a blog post on Monday. The number of shares to be offered and the price have not been set. The filing positions Anthropic to potentially reach the public market as soon as this fall, ahead of rival OpenAI, which is also preparing its own confidential IPO filing in the coming weeks.

The move comes days after Anthropic raised $65 billion in a funding round at a $965 billion valuation, eclipsing OpenAI’s valuation for the first time. The round was led by Altimeter Capital, Dragoneer, Greenoaks, and Sequoia Capital. Goldman Sachs, JPMorgan Chase, and Morgan Stanley are expected to be under consideration for lead underwriting roles on both Anthropic’s and OpenAI’s listings.

The revenue trajectory

Anthropic’s financial growth over the past 12 months has been extraordinary even by AI startup standards. The company’s annualised revenue run rate was $4 billion in July 2025. By January 2026 it had surpassed $9 billion. Anthropic has told investors that the run rate will exceed $50 billion by the end of July, representing roughly an 80-fold increase in annualised revenue over two years.

The company expects to report $10.9 billion in revenue for the second quarter of 2026, more than doubling the $4.8 billion it generated in Q1 and exceeding its entire 2025 annual revenue in a single quarter. Anthropic is also on pace for its first profitable quarter, with a projected operating profit of $559 million. Early investors like Accel, whose Anthropic stake has more than quadrupled in months, now have a clear path to liquidity.

The 💜 of EU tech

Advertisement

The latest rumblings from the EU tech scene, a story from our wise ol’ founder Boris, and some questionable AI art. It’s free, every week, in your inbox. Sign up now!

The growth has been driven by a surge in enterprise demand for Claude’s coding capabilities and, more recently, by Anthropic’s Mythos cybersecurity model, which discovered more than 10,000 zero-day vulnerabilities across major operating systems and has become the most discussed AI capability in enterprise security.

The three-way IPO race

Anthropic’s filing sets up what could be the most significant cluster of technology IPOs since the dot-com era. OpenAI is preparing its own confidential filing and has targeted a public debut in the fall at a potential valuation of up to $1 trillion. SpaceX has already filed for the largest IPO in history, with marketing set for early June. All three companies are backed by overlapping pools of sovereign wealth funds and institutional investors, and all three are likely to draw on Goldman Sachs, JPMorgan, and Morgan Stanley for underwriting.

For Anthropic, filing first carries a strategic advantage. The company that reaches the public market ahead of its rival gets first access to the broadest possible pool of institutional and retail investors, sets the valuation benchmark for the AI sector, and defines the narrative around which AI company represents the best public market bet.

The competitive dynamic between the two companies has intensified this year. While Anthropic has posted an 80-fold annualised revenue increase and surpassed OpenAI in valuation, OpenAI has been rethinking its product lineup, shuffling leadership, and confronting reports that it missed certain internal revenue and user targets. OpenAI CFO Sarah Friar has pushed back, telling Bloomberg the company is seeing a “vertical wall of demand” for its products.

Risks in the filing

Anthropic’s S-1, when it becomes public, will need to disclose several material risks. The most prominent is the company’s ongoing legal battle with the US government after the Pentagon declared Anthropic a supply-chain risk, a designation typically reserved for foreign adversaries. The dispute stems from Anthropic’s refusal to grant the military unrestricted access to its models. Anthropic has said the designation could jeopardise billions of dollars in revenue.

The $965 billion valuation also carries scrutiny. At $10.9 billion in projected Q2 revenue, Anthropic would be trading at roughly 22x annualised revenue, a premium that assumes continued hypergrowth. If the $50 billion run rate materialises by July, the multiple compresses to a more defensible 19x, but that figure depends on maintaining the pace of enterprise adoption that drove the Q1-to-Q2 doubling.

There is also the question of whether profitability is sustainable. Anthropic’s projected $559 million operating profit in Q2 represents a roughly 5% margin, thin for a company seeking a near-trillion-dollar public valuation. The economics of running frontier AI models at scale remain expensive, and compute costs could compress margins as the company scales. The University of Michigan turned a $20 million early OpenAI investment into $2 billion, a reminder that early AI bets can produce extraordinary returns, but public market investors will demand more predictable economics.

What it means for the market

Anthropic’s IPO filing, combined with OpenAI’s expected filing and SpaceX’s already-submitted paperwork, means the fall 2026 IPO window could see more than $200 billion in new public market value from three companies alone. The last time a cluster of technology offerings this large reached the public market simultaneously was the 1999-2000 dot-com wave.

The comparison is imperfect. Anthropic and OpenAI have real, rapidly growing revenue. SpaceX is profitable. But the valuations all assume that the AI market will continue expanding at its current pace, that enterprise adoption will not plateau, and that regulatory and legal risks will remain manageable. Anthropic’s confidential filing is the starting gun for the most consequential test of whether the AI boom can sustain public market scrutiny.

Big news in enterprise AI broke over the weekend as Chinese AI startup MiniMax released its highly anticipated M3 large language model on Sunday evening Eastern time, pairing frontier-tier coding and agentic performance with a 1-million-token context window and native multimodality for a fraction of the cost of leading proprietary models, with pricing starting at just $20 per month under its new subscription token plans.

The company’s leadership also announced plans to deliver the model under an open source license including “open weights,” allowing for full enterprise downloading and customizability free-of-charge, coming sometime in the next 10 days. For now, it is available via the MiniMax API at a special discounted price of $0.3 per 1 million input tokens and $1.20 per million output tokens (on fresh cache) for the next week — beating proprietary U.S. giants like Google, OpenAI and Anthropic handily on cost, while also eclipsing the performance of the latest models from the former two on selected benchmarks.

Even at its full price of $0.6/$2.40 per million input/output tokens, MiniMax-M3 remains at just 8-20% the cost of the leading, proprietary U.S. models.

The traditional matrix governing large language model development has long dictated a rigid choice: software developers can either access top-tier closed-source intelligence behind restrictive APIs, or deploy nimble, cost-effective open models that falter on multi-step reasoning, dense coding tasks, and massive data sequences. MiniMax-M3 fundamentally upends this paradigm.

By unifying these two historically separated frontier capabilities, M3 introduces a level of comprehensive utility previously restricted to expensive, closed-source ecosystems, effectively shifting the baseline of open-weights systems while drastically minimizing the operational compute footprint required to execute complex development loops.

VentureBeat Frontier AI Model API Pricing Snapshot

New MiniMax Sparse Attention (MSA) technique helps keep the model’s cost low

At the core of the model’s efficiency lies an architectural departure from classic Transformer networks. Standard attention mechanisms scale quadratically ($O(N^2)$), meaning computational and financial costs explode as text inputs lengthen.

To combat this “inherent flaw,” the engineering team implements MiniMax Sparse Attention (MSA), a clean, extensible sparse attention blueprint.

To visualize this innovation, think of traditional full attention as an editor reading an entire library from scratch every time they need to verify a single sentence. MSA acts as an intelligent indexing clerk, using a pre-filtering phase to partition Key-Value (KV) matrices into highly precise blocks.

At the operator level, MSA uses a “KV outer gather Q” approach. The system treats KV blocks as an outer loop, dynamically aggregating only the specific queries that hit them. Because each data block is read exactly once and memory access remains strictly contiguous, hardware utilization skyrockets.

In internal trials, MSA runs more than 4x faster than alternative open-source solutions like Flash-Sparse-Attention or flash-moba.

When managing a maxed-out context length of 1 million tokens, M3’s per-token compute demand drops to just 1/20th of the previous generation model, translating into a 9x acceleration in the prefilling stage and a 15x boost during decoding.

Rather than taking a pretrained text network and fusing it with a separate vision model, MiniMax engineered M3 as a natively multimodal system from “Step Zero”.

The company overhauled its data ingest machinery to blend naturally interleaved sequences of text, images, and visual components, scaling the total pretraining corpus beyond 100 trillion tokens.

This deep data alignment enables the model to translate complex visual geometries, such as programming charts or coordinate maps, into structural code without losing contextual fidelity. On standardized assessments, M3 validates this engineering path.

The model records a 59.0% on SWE-Bench Pro, an autonomous agent metric, positioning it ahead of closed models like GPT-5.5 and Gemini 3.1 Pro. It achieves a 66.0% on Terminal Bench 2.1, a 74.2% on MCP Atlas, and an 83.5 on BrowseComp—outstripping Claude Opus 4.7’s benchmark score of 79.3 in autonomous browsing and information retrieval.

However, when contrasted with Anthropic’s newly released, premium frontier model, Claude Opus 4.8, from last week, the competitive ceiling of M3’s efficient sparse-attention footprint becomes evident across directly comparable, tool-intensive agent benchmarks.

In the domain of pure code modification on SWE-Bench Pro, M3’s 59.0% score drops behind Opus 4.8’s leading 69.2% threshold.

A similar performance delta manifests in automated system environments via Terminal-Bench 2.1; while M3’s 66.0% terminal execution score effectively runs neck-and-neck with the previous-generation Opus 4.7 baseline of 66.1%, it trails the upgraded Opus 4.8 architecture, which achieves 74.6%.

Furthermore, evaluations tracking continuous GUI interaction on the OSWorld-Verified sandbox place M3’s automated computer use at 70.0%, compared to a higher 83.4% validation rate secured by Opus 4.8.

These standardized evaluations illustrate the structural trade-offs currently defining the ecosystem: closed-source systems like Opus 4.8 maintain absolute margin leads on hyper-complex reasoning vectors, yet M3 delivers a highly capable baseline of local, tier-one automated operation without the compounding premium of closed-door API subscription fees.

When positioned alongside the heavy-duty inference metrics of the newly minted, fellow open weights model DeepSeek-V4 Pro Max, M3 holds its ground across core agentic categories while asserting narrow advantages in specialized code synthesis.

On the software engineering matrix of SWE-Bench Pro, M3’s 59.0% resolution efficiency edges past DeepSeek-V4 Pro Max’s score of 55.4%.

However, the competitive friction tightens in command-line environments; under Terminal Bench evaluations, DeepSeek-V4 Pro Max pulls slightly ahead with a 67.9% execution accuracy over M3’s 66.0% mark.

In web orchestration and open-world browsing simulations, the two architectures reach a virtual statistical parity, with M3 registering an 83.5% on BrowseComp compared to DeepSeek’s 83.4%.

Similarly, on the MCP Atlas tool-use framework, M3 secures a narrow lead at 74.2% against DeepSeek’s 73.6%.

This close alignment demonstrates that while DeepSeek handles a massive 1.6-trillion total parameter footprint with specialized high-effort reasoning modes, MiniMax’s block-filtered sparse attention mechanism yields directly competitive execution efficiencies without requiring extensive parameter activation scaling.

MiniMax Code AI agent offers Agentic Team capabilities

MiniMax translates these architectural gains into immediate utility through an updated product suite divided between standalone applications, customizable subscription tiers, and raw developer infrastructure. For end-user orchestration, the flagship implementation is MiniMax Code, an AI agent product designed to maximize M3’s multi-step capabilities.

Operating via web or native desktop apps, MiniMax Code runs an “Agent Team” capable of breaking massive engineering tasks into multi-stage, concurrent workflows.

The system relies on a “Producer + Verifier” adversarial harness loop. As one agent instance generates code, a secondary verifier instance aggressively tests and reflects upon execution outputs, allowing the network to self-correct and operate autonomously for days without human oversight. Because of its native visual grounding, MiniMax Code supports direct computer use.

A developer can issue a cross-application voice prompt via their phone to have the model open a localized enterprise ERP client and batch-populate data tables directly from an open Excel spreadsheet.

For custom setups, developers can pipeline M3 directly into existing workflows using an API key (sk-cp) compatible with common alternative IDE environments like Claude Code, Cursor, Roo Code, and Cline. The API introduces a toggleable “thinking mode”.

When enabled, M3 routes processing power into deep reasoning and long-horizon planning; when disabled, the model runs at minimal latency for quick text completion. The companion Token Plan models an aggressive pricing strategy structured around shared multimodal quotas. Billed annually, three options are available:

• Plus ($20/month): Supplies ~1.7B tokens per month and handles 3–4 concurrent agents.

• Max ($50/month): Supplies ~5.1B tokens per month, manages 4–5 concurrent agents, and adds 3 automated video clips per day via Hailuo 2.3.

• Ultra ($120/month): Supplies ~9.8B tokens per month, facilitates 6–7 concurrent agents, and extends video capacity to 5 daily clips.

Open weights makes M3 much more attractive for enterprise use

MinMax’s pledge to release M3 under an open-weights license model—with weights and technical documentation launching on HuggingFace and GitHub within 10 days—carries significant strategic weight for enterprise infrastructure managers.

However, it is still to be determined precisely which license the weights will be available under, and whether or not it will be permissible for consumer usage, e.g. MIT, Apache 2.0 or the new OpenMDW license. If so, the calculus looks like this:

By shipping the underlying model weights directly to the community, MiniMax departs from the closed-door approach favored by major American AI labs.

For enterprise users bound by strict compliance and privacy rules, open weights mean they can run M3 locally on internal hardware.

This setup completely removes the risk of data leakage associated with public APIs. Furthermore, it permits engineering teams to run bespoke fine-tuning passes, modify internal architectures, or embed specialized system prompts deep within the model layers—transforming an off-the-shelf system into a highly targeted proprietary asset.

Initial community reactions are resoundingly positive

The developer ecosystem reacted immediately to M3’s operational benchmarks, singling out its long-horizon autonomous behavior and cost-to-performance profile.

A major focal point of discussion is a 12-hour automated verification test where M3 was tasked with reproducing an ICLR 2025 Outstanding Paper Award winner, titled “Learning Dynamics of LLM Finetuning”.

As MiniMax’s own researcher @MikaStars39 highlighted on X:

“M3 ran autonomously for nearly 12 hours, producing 18 commits and 23 experimental figures on its own, and got the core experiments working:

• it matched the predicted probability trends in the SFT stage

• clearly observed the squeezing effect central to the DPO experiments

• validated the Extend mitigation method proposed in the original paper.”

Simultaneously, creators of developer tools highlighted the practical economic advantages of the model’s new attention mechanism. The official team behind the agentic AI coding harness Cline posted an alert confirming day-one compatibility, stating:

“The new MiniMax-M3 is their first model to have 1m context, multimodal, and agentic coding capability. Congratulations to @MiniMax_AI for the breakthrough in sparse-attention architecture cutting compute & cost to 1/20th their previous generation.”

This sharp drop in execution costs shifts how developers view the relationship between financial investment and capability. Tech commentator @jumperz mapped out this disruption, noting how M3 breaks a historical pattern in machine learning pricing:

By addressing context scaling limitations through fundamental attention-level optimizations rather than brute-force hardware scaling, MiniMax has established a highly efficient open-source baseline. M3 demonstrates that the next phase of agent development will not just be driven by larger datasets, but by efficient architectural choices that make frontier-level performance accessible to the broader open-source community.

For enterprises building autonomous software development or agent infrastructure, MiniMax M3 provides the ultimate “bang for the buck.”

While DeepSeek-V4 Pro holds a microscopic price advantage of $0.195 per million tokens, MiniMax M3 justifies its marginal premium by delivering superior autonomous software engineering resolution rates (59.0% SWE-Bench Pro).

More importantly, because M3 is an open-weights model, the calculation extends far beyond the API chart. By deploying M3’s weights locally inside private enterprise clouds, organizations completely bypass cloud data egress tracking, eliminate structural vendor lock-in, and can implement custom prefix-caching models on internal hardware. This technical approach transforms a highly efficient runtime budget into a permanent, privately owned corporate asset.

Expect more than an hour of trailers and reveals.