AutoFlight completed a coordinated flight on May 24 that paired its largest aircraft with two smaller models from the same family. One V5000 Matrix eVTOL flew alongside a pair of V2000 series aircraft in what the company called a heterogeneous three aircraft formation. The exercise checked communication between the platforms, shared route planning, and overall safety management across machines that differ sharply in size and weight.

The V5000 Matrix’s wings span an impressive 20 meters (66 feet) from one tip to the other. The body is 17.1 meters (56 feet) in length and 3.3 meters (11 feet) in height. The maximum takeoff weight of 5700 kilograms puts it in a class of its own when compared to other known crewed electric VTOLs. There are two variants of the V5000, and they are very different creatures. The passenger model is entirely electric, with seating for up to ten people in business class or six in a more luxurious configuration. It will take you about 250 kilometers on a single charge. The hybrid electric cargo vehicle, known as the V5000CGH, can lift an amazing 1500 kilos of goods inside a 14 cubic meter hold that can accommodate two standard AKE air cargo containers.

Sale

DJI Neo, Mini Drone with 4K UHD Camera for Adults, 135g Self Flying Drone that Follows You, Palm Takeoff…

• Due to platform compatibility issue, the DJI Fly app has been removed from Google Play. DJI Neo must be activated in the DJI Fly App, to ensure a…
• Lightweight and Regulation Friendly – At just 135g, this drone with camera for adults 4K may be even lighter than your phone and does not require FAA…
• Palm Takeoff & Landing, Go Controller-Free [1] – Neo takes off from your hand with just a push of a button. The safe and easy operation of this drone…

It travels at 280 kilometers per hour and can easily cover 1500 kilometers. 20 lift motors handle the vertical portions, but they also allow the wings to perform the work when cruising, resulting in a smooth transition. As a safety precaution, there is built-in redundancy, which means that even if two of those motors fail at the same time, which is more than likely, I believe, the aircraft will remain under control.

Engineers claimed the successful test flight demonstrated that the shared systems between the V5000 and the smaller 2-ton class V2000 operated flawlessly. Different sizes result in different flying characteristics, therefore they had to organize the timing, spacing, and orders to avoid conflicts. Back in February, the V5000 completed a full transition flight at the Kunshan civil drone test base, which was no easy accomplishment. It took off vertically, switched to wing-supported cruise mode, and then landed vertically again, which is a difficult maneuver for any aircraft that combines the two technologies.

The hybrid freight version of the V5000 has now officially entered the airworthiness certification procedure with China’s Civil Aviation Administration, signaling the end of the research phase and the start of the official regulatory process for commercial use. The certification team at AutoFlight has extensive experience, having worked on aircraft such as the ARJ21 and C919, as well as the Diamond DA42.
[Source]

Cognition AI has raised more than $1 billion in new funding at a $26 billion valuation, more than doubling its worth since a September round that valued the company at $10.2 billion. The round was co-led by Lux Capital, General Catalyst, and 8VC, with participation from Ribbit Capital, Atreides Management, and Peter Thiel’s Founders Fund. The company has now raised more than $2.5 billion in total funding.

The numbers behind the valuation tell the story. Cognition’s revenue run rate has grown from $37 million in May 2025 to $492 million today, a 13-fold increase in 12 months. The company says it aims to cross $1 billion in annualised revenue later this year. Its customers include Goldman Sachs, Mercedes-Benz, NASA, Santander, and several parts of the US government.

What Devin does

Cognition’s flagship product is Devin, an AI agent designed to automate the programming process end-to-end. Unlike code completion tools that suggest lines or blocks of code while a human developer writes, Devin operates as a full coding agent that can take a task description and produce working software autonomously. It plans, writes, debugs, and deploys code across complex multi-step workflows.

The most striking claim comes from inside Cognition itself. Scott Wu, the company’s co-founder and CEO, said that more than 90% of the company’s internal code is now written by Devin. That figure, if accurate, makes Cognition one of the most aggressive practitioners of its own product in the history of enterprise software. It is a company that has automated its own engineering function using the tool it sells to automate engineering functions at other companies.

Cognition runs Devin on a mix of its own proprietary models and models from OpenAI and Anthropic. Wu framed this as a strategic advantage rather than a dependency. As the model layer gets more competitive, he said, working with a combination of models produces better results than relying on any single provider. Cognition routes customers to the best tools for their specific needs, positioning itself as an orchestration layer rather than a model company.

The AI coding market is on fire

Cognition’s raise lands in the hottest category in venture capital. Cursor, the AI coding editor built by Anysphere, hit $2 billion in annual recurring revenue in roughly three years and was in talks to raise $2 billion at a $50 billion valuation before SpaceX struck a deal in April for the right to acquire the company for $60 billion. OpenAI and Anthropic are both investing heavily in coding capabilities within their foundation models. Salesforce expects to spend $300 million on Anthropic tokens this year, primarily for coding use cases.

The competitive dynamics are unusual. Cognition uses models from OpenAI and Anthropic, the same companies that are building competing coding products. Wu addressed this directly, arguing that Cognition’s value is in the agent layer, the orchestration, planning, and execution logic that sits on top of foundation models, rather than in the models themselves. This is a bet that the model layer will commoditise while the agent layer captures durable value. It is also a bet that OpenAI and Anthropic will not build equally capable agent products that undercut their own API customers.

The Windsurf acquisition and consolidation wave

Cognition is also growing through acquisition. In July 2025, the company acquired the remaining assets of Windsurf, a coding startup that had been the subject of a bidding war between OpenAI and Google. Google ultimately struck a $2.4 billion deal for Windsurf’s top engineering talent and licensing rights, while Cognition picked up what was left, including technology, customers, and employees who chose not to join Google.

The Windsurf deal illustrates the consolidation dynamics at play. AI-native enterprise spending surged 94% year on year in early 2026 while traditional SaaS growth cooled to 8%, and the capital flowing into AI coding tools is driving a wave of acquisitions, talent raids, and competitive positioning that resembles the early days of cloud computing compressed into months rather than years.

Cognition said it plans to use the new funding to refine its models, improve the customer experience, and potentially make more acquisitions. Wu emphasised on Bloomberg Television that the raise allows Cognition to remain independent, a pointed comment given the SpaceX-Cursor deal and the broader trend of AI startups being absorbed by larger platforms.

The independence question

Whether Cognition can stay independent at this scale and growth rate is the open question. The company is valued at $26 billion with $492 million in revenue, a multiple of roughly 53 times. That valuation holds only if growth continues at its current pace and the AI coding market does not compress around a few dominant players. Every major software company is building AI coding capabilities, and the foundation model providers are steadily improving their native coding performance with every model release.

Cognition’s defence is execution speed and the claim that the agent layer, not the model layer, is where enduring value lives. If Devin can genuinely automate 90% of a company’s coding output, the product is not a developer tool. It is a replacement for a significant portion of the software engineering workforce. That is the same logic driving layoffs at Meta and Microsoft, where companies are converting payroll budgets into AI infrastructure spending. Cognition is selling the tool that makes that conversion possible.

Founded in 2023, Cognition went from a demo that went viral on social media to a $26 billion company in less than three years. The speed is unprecedented, but so is the market it is operating in. AI coding is not a niche product category. It is a direct bet on the proposition that software can write itself, and that the companies that automate programming fastest will capture a disproportionate share of the $600 billion global software market.

The attacker who hit the most financial services organizations over the past 12 months never phished a password. They called an IT support line, convinced an employee to reset their MFA, and registered their own device on the network.

CrowdStrike’s 2026 Financial Services Threat Landscape Report, released this month and covering activity from April 2025 through March 2026, identified Mutant Spider as the single most active threat to the financial services sector. The group’s primary technique was voice phishing over Microsoft Teams. Operators impersonated internal IT support, convinced employees to reset their credentials and multifactor authentication, then registered their own devices on corporate networks. The security control worked exactly as designed — and that was the problem.

Within days, the FBI published a public service announcement warning about Kali365, a phishing-as-a-service platform sold on Telegram for as little as $250 a month. Kali365 captures Microsoft 365 OAuth tokens through the legitimate device code authentication flow. MFA fires on the victim’s device, not the attacker’s. The token grants persistent access to Outlook, Teams, and OneDrive without triggering another MFA prompt.

The Verizon 2026 Data Breach Investigations Report, also released in May, confirmed that credential theft dropped to 13% of breach initial access vectors. Vulnerability exploitation took the top position at 31%, displacing what Verizon called the longtime leading initial-access category. That’s three independent sources, same structural finding. MFA protects password-based authentication, but the attacks dominating financial services increasingly bypass password theft through resets, token grants, and exploitation. The MFA Bypass Exposure Audit Grid at the end of this article maps all five confirmed attack surfaces from the CrowdStrike, FBI, and Verizon reports, what MFA misses on each one, and the specific fix for Monday morning.

The CrowdStrike numbers paint a sector under sustained pressure

Financial services ranked as the fourth most targeted sector by Q1 2026, accounting for 12% of all observed adversary activity, according to the CrowdStrike report. Globally, financial institutions faced 43% more hands-on-keyboard intrusions in 2025 compared to two years earlier. In North America, that figure was 48%.

The e-crime side of the problem grew faster than most defenders expected. Big game hunting operators named 423 financial services entities on dedicated leak sites during the reporting period. That is a 27% increase from the 334 entities named in the prior 12 months. REVENANT SPIDER, which operates the Qilin ransomware-as-a-service program, posted the most financial services victims of any e-crime adversary on its dedicated leak site. The group’s financial services victim count jumped from 14 to 97 over the reporting period.

“Who needs a zero day if all you have to do is call the help desk and say, ‘I forgot my password’?” Adam Meyers, senior vice president of counter adversary operations at CrowdStrike, told VentureBeat. That one sentence captures the structural shift his team documented across twelve months of financial services intrusions.

The interactive intrusion breakdown tells the story of who is actually getting inside these networks. E-crime actors drove 75% of hands-on-keyboard intrusions against financial services. State-sponsored adversaries accounted for the remaining 25%. That ratio has not moved since 2023. What changed is the total volume and the sophistication of the access techniques.

Mutant Spider’s vishing campaigns over Microsoft Teams represent a structural shift in initial access. The group impersonates IT support, manipulates employees into resetting MFA, then deploys custom post-access tools including PrionFlaire, SocksLoader, and SleepyMutagen. CrowdStrike believes the group sells that access to ransomware operators. The Teams call is step one. The ransom note is step five.

“Who needs a zero day if all you have to do is call the help desk and say, ‘I forgot my password’?”

Scattered Spider returned to aggressive ransomware operations against insurance companies from April through July 2025, following a significant operational pause that began in December 2024. The group ran the same playbook it has used since 2022: help desk social engineering; credential and MFA reset requests; then lateral movement through integrated SaaS applications to locate data for extortion. In September 2025, the U.K.’s National Crime Agency arrested and charged two members for allegedly targeting Transport for London. The U.S. Department of Justice separately charged one of them in connection with multiple cyberattacks against U.S. critical infrastructure.

State-sponsored groups added scale and speed

The report’s state-sponsored findings reinforce the identity problem from a different direction. DPRK-nexus adversaries stole $2.02 billion in digital assets in 2025, a 51% increase from the prior year. In February 2025, Pressure Chollima executed the largest single theft ever reported, stealing $1.46 billion in cryptocurrency by compromising Safe{Wallet}, a digital asset management platform supporting the Bybit exchange, after a developer’s machine was infected through a trojanized Python project. China-nexus groups conducted sustained campaigns against financial institutions across multiple continents. Hollow Panda exploited Check Point VPN appliances to target banks in the Philippines, Indonesia, and Brazil. Vault Panda gained initial access through compromised VPN and firewall appliances across four continents. Every state-sponsored campaign CrowdStrike documented shared a common thread. The adversary’s first move targeted an identity, a credential, or a trusted access path.

Elia Zaitsev, CrowdStrike’s CTO, told VentureBeat in April that the speed of these operations is outpacing traditional defense models. “Traditional approaches are just not designed for this sort of behavior,” Zaitsev said.

Kali365 turns token theft into a subscription service

The FBI’s May 21 public service announcement on Kali365 confirmed the second attack path that makes this a compound problem. The platform exploits Microsoft’s OAuth 2.0 device authorization grant flow, a mechanism designed for devices like smart TVs and conference room systems that cannot support interactive login. Kali365 sends phishing emails impersonating trusted services like Adobe Acrobat Sign, DocuSign, and SharePoint. The email contains a device code and instructions to visit a legitimate Microsoft verification page. The victim authenticates normally. MFA fires. The token goes to the attacker.

Arctic Wolf, which published a technical deep dive on Kali365 in April, documented a three-tier commercial structure. An admin tier for the developers, an agent tier for resellers, and a client tier for paying affiliates. Subscription pricing runs from $250 for 30 days to $2,000 for a year. The platform supports 14 languages and includes AI-generated phishing lures, automated campaign templates, and a real-time tracking dashboard.

The device code flow is not a vulnerability. It is a feature. Microsoft designed it for devices that cannot support interactive login. The problem is that default Entra ID configurations do not restrict its use, and most organizations have never audited whether any legitimate workflow actually requires it. Kali365 exploits that gap between design intent and deployment reality.

The Verizon DBIR reinforced that assessment from a different angle. The 2026 edition analyzed more than 22,000 confirmed breaches across 145 countries. Vulnerability exploitation at 31% now leads credential abuse at 13%. The median time for full patching increased to 43 days, up from 32. Organizations patched only 26% of critical flaws in CISA’s Known Exploited Vulnerabilities catalog, down from 38% the prior year.

That data creates a clear picture. The industry has spent two decades building defenses against credential theft. The attacks that are actually working in financial services either remove MFA through social engineering or capture tokens through legitimate authentication flows where MFA does not protect the attacker’s session.

MFA Bypass Exposure Audit Grid

Security directors need to run this audit against their environment this week. Each row represents a confirmed attack path from the three reports above.

Mike Riemer, SVP and field CISO at Ivanti, told VentureBeat in an exclusive interview that the speed problem compounds the budget misalignment. “Threat actors are reverse engineering patches, and the speed at which they’re doing it has been enhanced greatly by AI,” Riemer said. “They’re able to reverse engineer a patch within 72 hours. If I release a patch and a customer doesn’t patch within 72 hours of that release, they’re open to exploit.”

The structural problem is clear

“People are forgetting about runtime security,” Zaitsev said. “We’ve done this before, with endpoint and virtualization and cloud. People really focused on, hey, let’s patch all the vulnerabilities. Impossible. Let’s make sure we lo

ck down all the permissions. Somehow always seem to miss something.”

The attackers who matter most in financial services right now are not stealing passwords. They are calling help desks. They are exploiting legitimate authentication flows. They are capturing tokens that persist for months. The defenses that consumed the largest share of security budgets for the past decade are pointed at a threat that just dropped to third place.

The fix is not adding another layer of MFA — Zaitsev and Riemer both said as much. It’s rethinking what MFA actually protects, what it doesn’t, and where the budget needs to go next.

• Sony’s 2026 TV range has now all been announced
• Three tiers: RGB mini-LED, OLED and LED
• In sizes from 43 inches to 115 inches

Sony has just launched two new Bravia TVs today, with the new Bravia 7 II and Bravia 9 II replacing the current Bravia 7 and Bravia 9. The new models have RGB mini-LED backlights and fairly hefty prices: the Bravia 7 II starts at £1,899 / $1,599 (about AU$3,560) for a 50-inch model, and this rises to £22,999 / $30,999 (about AU$43,165) for the Bravia 9 II at 115 inches.

Although the two highest-end models simply replace their predecessors, other models in the current Bravia range are a little more confusing: both the Bravia 8 and the Bravia 8 II are available, while there’s no Bravia 5 II – just the Bravia 5. And have you ever tried saying the name of the Bravia 2 II out loud to someone? It requires explanation!

It’s a little confusing (though only a little by TV-naming standards), but it all makes more sense when you see that the Bravias are broken into three tiers: True RGB mini-LED, OLED and LED respectively. The bigger the number, the further up the list it lives.

Latest Videos From

Which Bravias are in the Sony range of 2026 TVs?

Merck is using AI agents to cut drug discovery cycles by a third and ship compliant marketing materials up to 80% faster — but VP of Digital Platforms Sean Finnerty says the only reason it’s working is because they built the infrastructure first.

And the pharmaceutical manufacturer is seeing promising early results: AI is generating marketing drafts that are “99% right” when it comes to compliance, shrinking review cycles from months to days and accelerating delivery by 70% to 80%. In the company’s medical research, meanwhile, one AI-assisted discovery cycle was reduced by 33%.

Still, agentic AI only works if companies first build the underlying “plumbing,” Finnerty said of digital platforms and services at a recent AI Impact Series event.

“If we do one-offs, we’re gonna end up with thousands and thousands of things that are ultimately just gonna be debt that we’ll have to deal with later,” he said. “And that’s gonna be a drag on any further innovation.”

Starting with the plumbing

Merck’s plumbing-first strategy comes from lessons learned during the early days of cloud in the 2010s “when nobody knew what the heck was going on,” Finnerty said.

Getting the cloud right meant building from the ground up; at Merck, that infrastructure now supports 2,500 AWS accounts, numerous Microsoft Azure subscriptions, and new Google Cloud Platform (GCP) integrations.

“AI is gonna be the same exact thing,” Finnerty said. “We’re going to have thousands and thousands of agents.” The questions then pile up: How do you register them? How do you secure them? How do you ensure they’re connected to the right tools, and have access to the right data and the right context?

Context delivery is also critical; Merck works with three hyperscalers and has forty-seven edge locations and hundreds of databases. “Many, many petabytes” of structured and unstructured data are stored in Oracle databases, SQL databases, Excel spreadsheets, phone transcripts, and other repositories, Finnerty said.

His team is building scaffolding to deliver meaningful context in various situations, he explained. Data must be organized and ingested into various platforms, because “there’s no one solution to solve every single problem.” Sometimes it’s Databricks, other times it’s Amazon Redshift, “plus four other things.”

The goal is: “Let’s make that easy and frictionless for people to do, and secure it, and make sure it’s well integrated with MCP [model context protocol], and A2A [Agent2Agent], and upstream compute,” Finnerty said. “If you wanna run stuff on GCP or you wanna run stuff on AWS, we’ve got the plumbing in place so you can run your adjacent workloads wherever you want.”

How Merck is using agents

As it builds out its technical plumbing, Merck is experimenting with agents across regulated enterprise operations, scientific discovery workflows, and app modernization.

Notably, AI is accelerating drug discovery. Finnerty explained that scientists look at molecular structures and disease states to determine if a given condition is druggable. But even if a disease state is known, developing a drug to target it can take years.

Now with AI, teams are starting to see “very promising things,” such as cutting one particular research cycle down by one-third. “That’s a year off of the life of the discovery cycle,” Finnerty said. “Which means, theoretically, we can get it to a patient who needs that therapy a year faster.”

Once developed and approved, these products are regulated and marketing materials around them must be clearly and explicitly articulated. “The way you communicate that information per market, per country, per state, per region, is all very carefully governed and regulated,” Finnerty said. It’s also variable: An ad campaign for a vaccine in the state of Georgia looks much different from one launched in Canada.

Historically, humans did the due diligence to make sure the company complied with various laws. Draft materials go through iterations of reviews; when a mistake is discovered, it gets “kicked back to the beginning, and it goes through it again, and then it takes another however many weeks and months,” Finnerty said.

But now, AI can do that “much, much more effectively,” and the process is increasingly evolving from a human-in-the-loop to essentially a “human-as-governor.” With human oversight, AI can deliver a first draft in a day or week that is 99% there, allowing teams to ship materials up to 80% faster.

Meanwhile, when it comes to app modernization, AI can discover architecture, document data interactions, APIs, network paths, and do authentication checks and authorization; it can also write code for Terraform for deployment and refactor JavaScript into Python.

Where the company would have previously spent weeks and months and hundreds of thousands of dollars to update one application, Finnerty said, agents are now handling the work through prompts.

Running into “wackiness”

That’s not to say there aren’t significant challenges; Finnerty noted that his team has run into some “wackiness”; for example in automated code and scenario testing. AI has blatantly made up scenarios, whether due to incorrect context, infrastructure, “or if it was just getting creative with, ‘You should be testing these three functions that don’t even exist in the code that you’re trying to test.’”

“That surprised me a little bit because I thought we were further past some of the hallucination challenges in these later models,” he said.

To address this, his team has engineered guardrails to keep hallucinations to a minimum, essentially using AI to supervise AI and applying confidence scores. So if Claude created the first output, they’ll instruct Microsoft Copilot to assess it.

“So if you ask something once, have AI check it, then ask it a third time, the confidence increases every time, and it minimizes some of the garbage that gets created in the early runs,” Finnerty said.

Use cases for agentic AI in financial services

Meanwhile, at Mastercard, Chief Data Officer Andrew Reiskind and his team are focusing agentic experimentation on highly orchestrated transaction and dispute workflows. As he noted, a chargeback or fraud dispute is not a single event.

When a consumer disputes a charge (typically online), that “kicks off an entire other process on the back-end that tends to be very labor-intensive,” Reiskind said.

Mastercard has to collect specifics about the actual dispute; then the merchant has its own investigations (Was the card reported as lost or stolen? Does the consumer dispute charges often?). Further, the network sitting in the middle has its own rules for timing and information submission.

“You have each and every one of these steps, many of which are unstructured, but there are also structured data elements to this,” Reiskind said. Whether a card was lost or stolen tends to be structured, but the consumer complaint is “unstructured data of questionable reliability.”

“So you’re sitting there with a decisioning system that has deterministic decisions, but also probabilistic decisions,” he said.

This problem can be sped up and potentially solved by AI agents, but that can be a complex process: Which tasks are you handing off to agents? When are they kicking things back to human reps? How many agents are you ultimately using? What are the cost implications?

Then there are reputational questions and costs: Have you just called a consumer potentially a liar when they weren’t lying?

“It’s an exact problem where you want to, as a bank, maintain trust with your consumer,” Reiskind said. “But you also wanna make this efficient and take costs out of the system.”

The PB&J versus turkey mistake: Determine what risks are acceptable

There’s always going to be risk with AI, and enterprises should assess it from the beginning of product design, Reiskind said. There’s also the question of acceptable risk.

As an example: Did you serve a customer a peanut butter jelly sandwich instead of a turkey sandwich (a minor inconvenience)? Or did you serve gluten to someone with celiac disease?

“Is it an acceptable risk if one percent of the time it makes the mistake? If it is, let’s go to the next stage of how you’re mitigating that risk,” Reiskind said.

Leaders must perform cost-benefit analysis, break problems down to their “constituent pieces,” and calculate cost for each one. But these are estimates; it’s near-impossible to forecast real usage, Reiskind said. “It is not a simple process to get to the cost,” he said. “But it is doable.”

The Illinois House of Representatives passed a bill on Wednesday requiring frontier AI labs like OpenAI, Anthropic, and Google DeepMind to have their safety practices audited by a third party. If signed into law, AI safety experts tell WIRED, it would be the nation’s leading check on the power of major AI companies.

The bill, SB 315, now heads to governor JB Pritzker’s desk. In a post on social media on Wednesday, Pritzker said he plans to sign the bill, citing a need to hold Big Tech accountable.

Since Congress has yet to pass any meaningful AI safety legislation, state lawmakers have happily stepped up in recent years to promote bills that show their constituents they’re keeping Silicon Valley in check. As AI tools become increasingly popular, and the companies behind them race toward massive IPOs, polls show that American voters are looking for more AI regulation.

As a result, safety advocates and tech companies have zeroed in on state legislatures as the primary battleground to hash out how these laws should look. OpenAI’s chief of global affairs, Chris Lehane, told WIRED last week that the company’s AI policy is now oriented around passing a series of similar state laws.

California and New York have the strongest AI safety laws, requiring tech companies to provide information about model guardrails and to publish reports on safety incidents as they occur. Illinois’ bill goes a step further, requiring independent auditors to verify that an AI lab is adhering to its own safety standards. Previously, no independent body was required to keep an AI lab accountable to its own safety claims.

“We’re in a situation where the AI companies grade their own homework,” says Scott Wisor, policy director at Secure AI Project, a nonprofit that supports SB 315. “Should SB 315 become law, Illinois would require an independent auditor to check whether the AI labs in fact adhere to their safety commitments.”

Wisor says it’s broadly expected that, under SB 315, AI labs could use the Big Four accounting and auditing firms—Deloitte, EY, KPMG, and PwC—to audit their safety practices. He also says it’s possible that AI labs could tap members of the AI Evaluator Forum—a coalition of smaller research organizations including METR, Transluce, and Averi—to assess adherence to safety standards.

Illinois state representative Daniel Didech, a sponsor of SB 315, tells WIRED that state legislatures are playing an important role by shaping America’s AI policy and acting as a testing ground for any federal laws that might come in the future. “Laws like this create a world where it’s more likely for the federal government to pass something,” Didech says.

Corporate Interests

Illinois has emerged as a major arena in the ongoing fight over state AI laws. OpenAI previously supported a bill in Illinois that would let AI labs dodge liability if their models caused catastrophic harm. However, Lehane has since said the company’s blanket support for the bill was an oversight, and it never supported the liability shield in the bill. More recently, OpenAI endorsed SB 315.

“The Illinois General Assembly has shown real bipartisan leadership in advancing SB 315 and developing a thoughtful framework for frontier AI safety. As AI systems become more capable, clear expectations around safety, transparency, incident reporting, and accountability matter,” Lehane said in a statement to WIRED.

Virtualization

Hyperscalers can get hardware before enterprise vendors and buyers don’t much care where they land

Hyperscalers’ purchasing power means bare metal servers offered by major clouds can now be cheaper and easier to acquire than on-prem servers, according to Nutanix CEO Rajiv Ramaswami.

The CEO told The Register hyperscalers’ ability to buy servers and memory in bulk means they can often make infrastructure available faster than enterprise hardware players, and sees some customers who have previously preferred on-premises infrastructure heading for the cloud.

Ramaswami said he expects high memory and solid state storage prices will persist into next year and noted the impact of current price rises on the cost of servers.

“What that means for customers is they need to plan and budget carefully,” he said. “They pick servers on price and lead time” – and clouds often win on both metrics.

At the same time, Ramaswami said customers increasingly favor on-prem AI infrastructure to keep costs predictable. They want that because the CEO thinks AI remains “one of those things where people feel they have to do it” and return on investment is unclear.

“People are seeing incremental benefits,” he said, citing document search and summaries as the most common on-prem AI applications. Nutanix, he said, has measured a ten-percent improvement in service response times from using AI, while its developers are delivering new features 50 percent faster than before they used AI helpers.

Enterprise virtualization stacks like Nutanix’s products can require several hefty hosts to run. Ramaswami said he’s comfortable the footprint of his company’s products is not an issue for new buyers, but that he is also keenly aware that customers are looking for smaller hosts – and even servers running non-x86 processors.

For now, he doesn’t see sufficient appetite for Arm servers that Nutanix will devote developer time to porting its stack to that platform. But if demand comes, Ramaswami is confident it won’t be a major job as FOSS projects the company relies on – such as Kubernetes and the KVM hypervisor – already run on Arm silicon.

The CEO’s remarks came on the same day Nutanix reported its Q3 2026 results, which included news that the company won 730 new clients in the last quarter with Ramaswami saying “most moved from legacy vendors to us.”

That’s almost certainly a reference to VMware. Whether Nutanix is hurting its rival remains to be seen: pre-acquisition VMware had over 350,000 customers and now focuses on the top 10,000. Nutanix can pick up former Virtzilla users without disrupting Broadcom’s master plan.

Ramaswami said many new customers have taken advantage of Nutanix’s shift to allow use of external storage, a change from its previous insistence on using only its own software-defined storage. The CEO said the company scored a pair of seven-figure deals with companies that chose to continue using external storage from Everpure (formerly Pure Storage) and Dell, respectively.

Q3 revenue was $703 million, a ten percent year on year jump. Nutanix has always preferred to emphasize annual recurring revenue as a metric, and that rose 15 percent year over year to $2.43 billion.

Investors liked what they heard, sending Nutanix’s share price up a couple of points in after hours trading. ®

Don’t worry: It will keep your profiles and scrobbles.