Accel led the London chip startup’s round, with Pat Gelsinger joining as an angel investor, weeks after Anthropic was reported to be in early discussions to become a customer.

Fractile, the London-based startup designing inference chips that put compute and memory on the same die, has raised $220 million to take its hardware to production, the company said on Tuesday.

The round closes above the $200 million reported target the company was understood to be sounding out in late March, as Electronics Weekly first noted, and lifts Fractile into the cohort of European chip companies pitching themselves as alternatives to Nvidia at the inference layer.

The investor profile is what gives the round its weight. Accel is understood to have led, with former Intel chief executive Pat Gelsinger participating as an angel and operating adviser.

The 💜 of EU tech

The latest rumblings from the EU tech scene, a story from our wise ol’ founder Boris, and some questionable AI art. It’s free, every week, in your inbox. Sign up now!

Existing backers Kindred Capital, the NATO Innovation Fund, and Oxford Science Enterprises, which co-led Fractile’s $15 million seed in July 2024, are part of the round. 

The technology argument runs against the prevailing architecture. Conventional AI accelerators, including Nvidia’s H- and B-series GPUs, separate the compute die from high-bandwidth memory and pay an energy and latency tax shuttling data between them.

Fractile’s design instead performs the matrix multiplications that dominate transformer inference inside SRAM cells located alongside the compute logic, an in-memory-compute approach the company says removes most of the DRAM dependence that is currently the binding constraint on inference cost.

Fractile claims the resulting chip can run frontier models up to 100 times faster and 10 times cheaper than current GPU setups; more recent investor materials, frame the comparison as 25 times faster at one-tenth the cost.

Whether those numbers hold under production loads is the central technical question. The company has so far disclosed simulation and small-silicon results rather than at-scale benchmarks against deployed GPU clusters. F

ractile’s first commercial chip is not expected to be available until 2027, a timeline the company has reiterated publicly, and the $220 million is sized to take the design through tape-out, software-stack build, and early customer integration rather than full production ramp.

The customer side is where the round arrives at the right moment. Anthropic is in early discussions to buy Fractile chips when they are available, multiple outlets reported earlier this month.

If the relationship formalises, Fractile would become Anthropic’s fourth named compute supplier alongside Nvidia, Google’s TPUs, and Amazon’s Trainium and Inferentia parts.

Anthropic has separately been exploring building its own custom AI chips, but the Fractile track suggests it is still pursuing a multi-supplier hedge.

Fractile is also part of a small group of European chip startups whose pitch is that the inference market is structurally distinct from training and therefore winnable.

TNW has tracked three such companies across the past year. The argument is that training will continue to require the largest, most exotic systems and that Nvidia’s CUDA moat is strongest there, while inference, the workload that actually consumes most of the dollars once a model is deployed, rewards specialised architectures tuned for throughput and energy per token rather than peak FLOPs.

The competitive set on that thesis is becoming crowded. Groq has shipped its language-processing units to multiple model providers and recently raised at a $6.9 billion valuation; Etched is building transformer-specific silicon; Cerebras and SambaNova have raised against the same workload from different angles.

Google itself is assembling a four-partner inference-chip supply chain with Broadcom, MediaTek, and Marvell to challenge Nvidia at the inference layer. Fractile’s claim is that its in-memory architecture wins on the metric that matters most for cost-sensitive inference, watts per useful token.

The round follows Fractile’s February announcement of a £100 million ($132 million) three-year expansion of its London and Bristol operations, including a new hardware-engineering site in Bristol, and fits the wider UK sovereign-AI push that also produced the BT, Nscale, and Nvidia data-centre partnership in April.

Founder and chief executive Walter Goodwin, an Oxford Robotics Institute PhD now in his late twenties, has been the public face of the pitch.

The team has drawn engineers from Graphcore, Nvidia, and Imagination Technologies, and is building its software stack alongside the silicon. Tape-out and customer integration are the next visible milestones.

The vulnpocalypse has begun. 

Palo Alto Networks usually finds five vulnerabiilties a month, but on Wednesday said it scanned its entire codecase using the latest frontier models, including Anthropic’s Mythos, and found 75 security holes, covered in 26 CVEs.

This comes a day after Microsoft said it used its new agentic bug hunting system called MDASH to find 17 vulnerabilities across its products – on a record-setting Patch Tuesday that saw Redmond disclose a whopping 30 critical CVEs.

Plus, last week Mozilla said it fixed 423 Firefox bugs in April, which is more than five times higher than the 76 fixes issued in March and almost 20 times higher than its 21.5 monthly average last year. The browser maker previously said Mythos found 271 flaws in Firefox 150.

It shouldn’t be all that shocking. Security vendors have long warned about attackers using AI, and how this means defenders need to operate at AI speed to protect their own networks and systems (aka buying their AI-infused products).

Now that models have become really good at finding bugs in code, security shops are using AI to scan their own software, hopefully to uncover and fix flaws before the baddies do. And this trickles down to two things: more patches, and more work for admins.

Zero Day Initiative’s chief vuln finder Dustin Childs agrees with this assessment. 

“At first, yes, this means more patches and thus more work for admins,” he told The Register. “The goal over time would be to eliminate as many as possible, and, over time, that monthly number goes down.”

What will make this whole AI bug hunting season “really painful,” he continued, is if the patches don’t work or – worse yet – break things.

“Many customers don’t trust patches as it is, so if AI-related patches break things, they are less likely to apply as time goes on,” Childs added. “This will be true even if AI only finds the bugs and doesn’t make the patches.”

Bug hunting on steroids

This isn’t to say security companies should avoid AI to find and fix flaws. “All vendors should use what tools they have to find and remediate bugs before they are exploited in the wild,” Childs said. “Ideally, they would find the bugs before they even ship, but I’m not holding my breath for that to happen.”

Both Microsoft and Palo Alto Networks (PAN) are part of Anthropic’s Project Glasswing, which means they are among the select group of entities allowed to test Mythos, the much-hyped LLM, to find security holes in their own products. 

Palo Alto Networks began testing Mythos on April 7, and has since continued using the LLM and other frontier models, including Claude Opus 4.7 and OpenAI’s GPT-5.5-Cyber, according to product manager Lee Klarich.

“Today, we released our May ‘Patch Wednesday’ security advisories,” Klarich said in a Wednesday blog, adding that “this is the first time where the majority of findings were the result of frontier AI models scanning our code.”

The LLMs scanned over 130 Palo Alto Networks products and platforms  platforms, and as noted above found 75 issues, covered in 26 CVEs. 

None of these bugs are under exploitation, and as of Wednesday the company has fixed all bugs in its SaaS-delivered products and coded patches for all customer-operated products.

Maybe 5 months before ‘AI-driven exploits the new norm’

“We intend to fix every vulnerability we find before advanced AI capabilities become widely available to adversaries,” Klarich said in his blog, adding that his company expects “a narrow three-to-five-month window for organizations to outpace the adversary before AI-driven exploits start to become the new norm.” 

A day earlier, Microsoft said its new multi-model agentic scanning harness (codename MDASH) helped researchers find 16 new vulnerabilities across the Windows networking and authentication stack, as disclosed in May’s Patch Tuesday event. This included four critical remote code execution flaws in components such as the Windows kernel TCP/IP stack and the IKEv2 service. 

“Unlike single-model approaches, the harness orchestrates more than 100 specialized AI agents across an ensemble of frontier and distilled models to discover, debate, and prove exploitable bugs end-to-end,” Microsoft VP of agentic security Taesoo Kim said in a Tuesday blog.

Tom Gallagher, VP of engineering at Microsoft Security Response Center, admitted that “this month’s release sits on the larger side of a hotpatch month.” Gallagher said he expects AI-assisted bug hunting to increase Patch Tuesday releases as both Microsoft and third-party researchers use these tools to boost vulnerability discovery.

And yes, all of this ultimately means more patches and more work. 

More patches = more work

“Finding bugs has always been the cheap end of the pipeline,” Luta CEO Katie Moussouris told The Register. “Triage, disclosure, building patches that do not break production, and getting customers to deploy them is the expensive end, and nobody has funded it for this volume.” 

Moussouris helped convince Redmond’s top brass that Microsoft needed a bug bounty program in 2013, and three years later started her own bug bounty consultancy.

She noted Palo Alto Networks’ staggering jump in CVEs this month. “Multiply that across every vendor and the bottleneck becomes admins and vulnerability management teams,” Moussouris said.

And she also stressed that people should be using these new models to find vulnerabilities. “It is exactly what defenders should be doing,” Moussouris said.

“Both PAN and Microsoft landed on the same answer: no single model catches everything. PAN ran Claude Mythos, Claude Opus 4.7, and GPT-5.5-Cyber because each finds bugs the others miss,” she added. 

“Microsoft orchestrates over 100 specialized agents across multiple models. Add threat intel and codebase context, and Microsoft rediscovered 96 percent of five years of confirmed bugs in a critical Windows component. The asymmetry is temporary, PAN puts adversary parity at three to five months, so any vendor not scanning their own code now is letting someone else find their bugs first.”®

Ransomware group Nitrogen claimed to have exfiltrated 8TB of data, included files related to projects involving Intel, Apple, Google, Dell, Nvidia and other companies.

Taiwanese electronics manufacturer Foxconn has confirmed a cyberattack affecting its North American operations, after a hacking group claimed to have stolen 8TB of data from the company.

Nitrogen, a ransomware group that targets companies in areas such as construction, financial services, manufacturing and technology, claimed on Monday (11 May) to have stolen 11m files from the prominent tech supplier and manufacturer.

Nitrogen claimed that the extracted files included confidential instructions, internal project documentation and technical drawings related to projects involving Intel, Apple, Google, Dell, Nvidia and other companies.

The hacking group also reportedly posted a collection of sample files on the dark web.

Foxconn is a key manufacturing contractor for electronic components or entire devices, most notably Apple iPhones and iPads, as well as Nintendo gaming systems and Sony devices – including most PlayStation consoles – to name but a few.

Foxconn has a number of factories in North America, including US-based facilities in Wisconsin, Ohio, Texas, Virginia and Indiana, and several across Mexico. While the company confirmed the attack, it didn’t specify which facilities were affected – although reports suggest the company’s Wisconsin site being affected, as well as its Houston, Texas site.

Days before Nitrogen claimed the cyberattack, Foxconn released a statement that IT systems at its Mount Pleasant, Wisconsin facility experienced a “technical issue affecting operations”.

In a statement provided to SiliconRepublic.com, Foxconn confirmed that “some” of the company’s factories in North America suffered a cyberattack.

“The cybersecurity team immediately activated the response mechanism and implemented multiple operational measures to ensure the continuity of production and delivery,” read the statement.

“The affected factories are currently resuming normal production.”

Nitrogen, which has been operating since 2023, is believed to be one of many ransomware offshoot groups that borrowed code from the Conti ransomware builder that was leaked in 2022 – Conti was the ransomware behind the cyberattack that significantly affected the Irish Health Service Executive in 2021.

Earlier this year, cybersecurity researchers from Coveware reported a considerable error related to Nitrogen’s ransomware – specifically the group’s malware that targets VMware ESXi.

The researchers analysed Nitrogen’s ransomware program and reported that a programming error prevents the group’s decryptor from recovering victims’ files, with the researchers adding that paying a ransom is therefore futile.

In other recent cybersecurity news, edtech giant Instructure reached an agreement with cyber gang ShinyHunters on Monday, after the group breached the company’s education management platform Canvas last week.

As per the agreement, the cyber extortion group has returned stolen data and deleted copies, and has agreed not to extort the institutions affected in the hack, Instructure said. The company did not say what it had given the hacker group in exchange for the terms.

Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.

West Pharmaceutical Services disclosed that it was the target of a cyberattack that resulted in data exfiltration and system encryption.

The company said that it detected a compromise on May 4th. An investigation into the incident determined that the attacker stole data from the network.

“On May 7, 2026, West Pharmaceutical Services, Inc. determined that […it] has experienced a material cybersecurity attack, in which certain data was exfiltrated by an unauthorized party and certain systems were encrypted,” West Pharmaceutical Services notes in a filing with the U.S. Securities and Exchange Commission (SEC).

“Upon initial detection of an intrusion on May 4, 2026, the company promptly activated its incident response protocols, including proactively taking systems offline globally for containment purposes, notifying law enforcement, and engaging external cyber-forensic experts.”

An investigation is currently underway to determine the exact nature and scope of the incident, and the type of data the attacker stole.

West Pharmaceutical Services is a publicly traded, S&P 500 American pharmaceutical manufacturing company with annual revenues exceeding $3 billion and more than 10,800 employees globally.

The company specializes in injectable drug packaging, syringe and vial components, containment systems, and drug delivery devices.

The cyberattack triggered a response that inevitably disrupted the company’s global business operations.

The firm says it has restored its core enterprise systems that support shipping and manufacturing operations, and manufacturing has been partially restarted.

Complete restoration of all systems has not yet been achieved, and no timeline for finalizing this restoration was provided at this time.

Similarly, the company has not made any estimates about the incident’s material impact on its financials.

It’s worth noting that West Pharmaceutical Services stated that it has taken steps to mitigate the risk of the dissemination of the exfiltrated data, but hasn’t specified exactly what those steps are.

BleepingComputer has contacted the firm with a request for comments about the attack, its impact, and its current incident management plan. A company spokesperson said that immediately after detecting the intrusion, incident response and crisis management protocols were activated.

“Following initial detection of an intrusion on May 4, 2026, West Pharmaceutical Services promptly implemented a series of technical and organizational measures to contain and mitigate the potential impact. This included the proactive shutdown and isolation of affected on-premise infrastructure for containment purposes, restriction of access to enterprise systems, and activation of further incident response and crisis management protocols, including notifying law enforcement.”

West Pharmaceutical Services also engaged Palo Alto Networks’ Unit 42 for incident response, containment, and recovery efforts, in coordination with other external experts and legal counsel.

No ransomware groups have taken credit for the attack on West Pharmaceutical Services at the time of writing.

AI chained four zero-days into one exploit that bypassed both renderer and OS sandboxes. A wave of new exploits is coming.

At the Autonomous Validation Summit (May 12 & 14), see how autonomous, context-rich validation finds what’s exploitable, proves controls hold, and closes the remediation loop.

Claim Your Spot

Strands is the NYT’s latest word game after the likes of Wordle, Spelling Bee and Connections – and it’s great fun. It can be difficult, though, so read on for my Strands hints.

Want more word-based fun? Then check out my NYT Connections today and Quordle today pages for hints and answers for those games, and Marc’s Wordle today page for the original viral word game.

• ZAM stacks nine functional memory layers vertically inside every compact module
• Each ZAM memory layer reportedly contains exactly 1.125GB of DRAM capacity
• Estimated ZAM bandwidth figures now approach Nvidia HBM4 performance territory closely

Computer memory architecture is set to undergo a significant structural transformation in the coming years.

A new design called Zero-Angle Memory (ZAM) stacks chips vertically rather than spreading them across a flat surface, a shift that could increase data transfer speeds while lowering power consumption.

from the lawless-government dept

Let’s hope the word “possibly” can be stricken from this headline in the near future. And while contempt charges don’t mean much to an administration that is openly contemptuous of anything that hints at checks or balances, it would, at the very least, encourage other judges to stop treating the Trump DOJ like it’s worthy of anything less than contempt.

If nothing else, federal judge Melissa DuBose has at least forced the government to publicly admit it’s been lying to her.

A federal judge said Monday that the Trump administration had put her security at risk by posting a “patently false” allegation that she knowingly released an ICE detainee with an international warrant for murder.

Justice Department attorney Kevin Bolan profusely apologized to Rhode Island-based U.S. District Judge Melissa DuBose for the press release posted last week by the Department of Homeland Security, which Bolan acknowledged “simply was not true.”

Let’s go live (because — for whatever reason — the press release is still “live”) to the DHS website posting, which leads off with this headline because it’s operated by unserious people who have chosen to serve an autocratic megalomaniac rather than the nation itself:

Activist Biden Judge Releases Violent Criminal Illegal Alien Wanted for Murder

A judge ordering the release of an arrestee on bail is rarely reason for a public statement by a federal agency. Normally, they’ve got better stuff to do that engage in personal attacks on judges who have done nothing more than interpreted the law and ruled accordingly.

Every alleged crime is noted in bold type in the press release, which also includes this statement from the DHS (emphasis in the original):

“Bryan Rafael Gomez is a criminal illegal alien from the Dominican Republic with an international warrant for homicide,” said Acting Assistant Secretary Lauren Bis. “An activist judge appointed by Joe Biden released this wanted murderer back into American communities. This is yet another example of an activist judge trying to thwart President Trump’s mandate from the American people to remove criminal illegal aliens from our communities. Under President Trump and Secretary Mullin, DHS will continue to fight for the removal of criminal illegal aliens who have no right to be in our country.”

Even if you choose to ignore the headline and the politically motivated attacks on the judge, you’re still left with something that isn’t normally the way the federal government does business. After all, judges are part of a co-equal branch, and there’s little to be gained by pretending normal court stuff is “activism.”

There’s even less to be gained when it’s discovered that the government’s lawyers didn’t bother to apprise the judge of this homicide warrant the DHS is now using to attack the judiciary. And what’s left of the DOJ appears to have realized this belatedly. There’s a lot of contrition in this short filing that Assistant US Attorney Charles Calenda (who oversees the affected jurisdiction) hopes will defuse the judge’s righteous anger.

Signed by Assistant US Attorney Kevin Bolan, the response to Judge DuBose’s order to show cause blames ICE for misleading the judge, even though it was Bolan who ultimately did the misleading:

Before the response was filed, I had been informed by ICE about the Petitioner’s pending arrest warrant issued on January 24, 2023, from a court in the Dominican Republic and that I could not disclose that information. I was not aware that ICE had previously disclosed that same information on April 16, 2026. In failing to disclose the information regarding Petitioner’s criminal history, I relied on ICE’s representation that I was not permitted to disclose that information and understood that a legitimate law enforcement reason prevented disclosure. Judge DuBose, therefore, lacked that information about the Petitioner’s criminal background when she granted the petition.

I sincerely apologize to Judge DuBose, personally, and to the entire Court for the consequences of this lack of disclosure.

Sure, contrition is welcomed. But it’s not quite as welcome when (1) ICE had already disclosed this fact, (2) the DHS continues to post an unwarranted attack on this “activist judge,” and (3) nobody in the government appears willing to act honestly until a court forces them to do it.

The DOJ may have some plausible deniability, but that relies on everyone assuming this administration is so disjointed some fingers may not even know what other fingers are doing, which is something that needs to be addressed before we get to larger questions vis-à-vis right hands and left hands knowing what each other are up to.

And while the DOJ may have some legitimate complaints about being both understaffed and overwhelmed by immigration cases, the problem lies with Donald Trump and his cabinet full of bigoted middle managers. The administration is still hoping to eject nearly a half-million more people by the end of the year. Meanwhile, the DOJ continues to bleed talent thanks to loyalty purges and prosecutors walking off the job because they can’t stomach what they’re being commanded to do.

The solution is contempt charges. It’s not a perfect solution, but it’s a start. Judge DuBose says she’s looking at both the DOJ and DHS. If any entity should bear the brunt of this, it’s the DHS, which continues to post misleading invective targeting this judge, as well as being instrumental in the burial of information the judge should have had access to while making a release determination.

And while I understand that contempt charges just mean taxpayers will continue to bail out an administration unworthy of its tax dollars, it will at least contribute to the steady drip of adverse rulings. When enough of those pile up, it becomes a flood this administration won’t be able to contain.

Filed Under: contempt, dhs, doj, kevin bolan, mass deportation, rhode island, rule of law, trump administration

AI tools are everywhere, so why do most people still use them like it’s 2015? Artificial intelligence now sits inside almost every tool you open, from search engines and office apps to browsers, phones, and creative software.

Updates keep adding assistants, copilots, and generators, each one promising to change how work gets done.

On paper, adoption looks high. Millions of users already have these features available, often switched on by default, waiting inside menus most people rarely explore.

Actual behaviour moves more slowly. Many users still write documents line by line, search the web the same way they did years ago, and complete tasks manually, even when the software suggests another option.

The 💜 of EU tech

The latest rumblings from the EU tech scene, a story from our wise ol’ founder Boris, and some questionable AI art. It’s free, every week, in your inbox. Sign up now!

The goal was never to replace creativity or talent, but to augment it, and that only works when people understand where the new capability fits into what they already do.

In this article, we look at why AI tools are everywhere, yet everyday software use still feels stuck in the past. The real problem isn’t access to AI, it’s adoption.

Software vendors are not moving slowly. New AI features appear in updates almost every week, added to tools people already use for writing, coding, design, search, and communication.

Access is no longer the barrier. What’s missing is the moment when the user actually learns where the new feature fits into their existing workflow.

Most software still expects people to figure that out on their own, which is why tools like WalkMe Learning Arc focus on teaching features within the application rather than sending users to separate documentation or training portals.

The shift reflects a wider realisation across the industry that releasing functionality does not mean people will use it, a problem also discussed in debates around AI oversight and usability in clarity as a strategy.

Most learning still happens outside the tool itself. Users are expected to read guides, watch tutorials, or sit through formal sessions similar to traditional employee training programmes, even though the real difficulty only appears once they are back inside the software, trying to complete a task under time pressure.

In practice, people fall back on habits they already trust, ignoring features they never had time to explore properly. Innovation keeps moving forward, but user capabilities move at a different pace.

Feature overload is making modern software harder to use

Modern apps are not struggling because they lack capability. They struggle because every update adds another layer on top of what was already there. AI did not replace old interfaces; it stacked on top of them, which means users now face more options, more panels, and more assistants than before.

Even discussions about how AI analytics agents need guardrails, not more model size, reflect the same concern that adding intelligence does not automatically make software easier to use.

Open almost any tool today and the pattern looks familiar: office software with built-in copilots and sidebars, design tools filled with generators, templates, and prompts, productivity apps with chatbots inside every menu, and platforms that expect users to learn through guides similar to employee training.

When the interface becomes crowded, people stop experimenting and return to what they already know. More power sounds good in release notes, but in practice, it often means more decisions on every screen. That is why usage patterns often lag years behind the technology already available.

People don’t resist AI; they resist changing how they work

Most users are not against artificial intelligence. What they resist is changing the way they already know how to work.

Once a routine feels reliable, people repeat it without thinking, even when the software offers a faster method. Habit becomes the default, which helps explain why the gap is growing between AI availability and real capability.

While most employees are expected to use AI at work, only a minority feel properly trained to do so. Microsoft research shows that 66% of leaders say they wouldn’t hire someone without AI skills.

Many are learning on their own while job requirements move closer to the skill sets now associated with future new jobs developers rather than traditional roles.

Learning a new workflow sounds simple until it interrupts real work. Muscle memory takes over, deadlines get closer, and there is rarely enough guidance inside the tool itself to make the new method feel safe to try.

The gap between innovation and adoption is mostly human, not technical, which is why the next shift in AI will not come from better models alone.

The next wave of AI will focus on teaching, not just automating

The next phase of AI development is starting to move away from adding more features and toward helping users understand the ones already there.

Instead of expecting people to read guides or watch tutorials like it’s 2015, newer tools are beginning to guide actions directly within the interface, showing step-by-step suggestions as the task progresses.

Copilots that recommend the next command, walkthroughs that appear in the middle of a workflow, and interfaces that adapt to how the user works are becoming more common across productivity, design, and development software.

This shift is also why more teams are asking questions like how to choose a digital adoption platform, as learning is no longer something that happens before using software, but during it.

The tools that stand out will not be the ones with the longest feature lists, but the ones people can actually understand without stopping their work to figure them out.