AI Security for Apps reached GA, letting Cloudflare block prompt injection and PII leaks at the WAF layer. On the same day, it also launched RFC 9457-compatible error responses that replace HTML with JSON or Markdown when AI agents hit Cloudflare errors.
Anthropic has GA’d a 1M‑token context window. No surcharge for long context; image/PDF per‑request limit raised from 100 to 600. Achieved a frontier‑model best score on MRCR v2.
Google released an emergency update for Chrome 146.0.7680.75 on March 13 to fix two CVSS 8.8 zero-days, both confirmed exploited in the wild. It was Chrome's third emergency patch of 2026.
Astro 6.0 will be released on March 10, 2026. We've organized new features such as the Fonts API, CSP, Live Collections, and experimental Rust compiler, as well as breaking changes such as requiring Zod 4, Vite 7, and Node 22, and summarized migration points from Astro 5 projects.
Rust bundler Rolldown replaces esbuild and Rollup, unifying development and production builds. Achieved 40-64% reduction in actual projects such as Linear and Beehiiv.
Multiple severe RCE vulnerabilities were found in n8n's workflow expression evaluation. CVE-2025-68613 (CVSS 9.9) was added to CISA's KEV catalog and is confirmed to be actively exploited. Another unauthenticated issue, CVE-2026-27493 (CVSS 9.5), also requires immediate patching.
GitHub releases the layered defense design of the agent execution platform, and OpenAI releases the instruction hierarchy training data IH-Challenge and model. Responses to prompt injection were received from both infrastructure design and training axes.
Anthropic's new multi-agent code review feature for Claude Code, plus the design split between subagents and orchestration. Also covers the major frameworks and where Codex fits in.
HuggingFace conducts a comparative analysis of 16 open source RL training libraries based on 7 design axes. In the synchronous type, the GPU utilization remains at around 60% due to the generation bottleneck, but with an asynchronous separation design it can be improved to over 95%.
OpenAI acquired AI security evaluation platform Promptfoo, and Microsoft announced that Anthropic's Claude Cowork would be integrated into Microsoft 365 Copilot. The structure of the enterprise AI market is starting to change.
Sarvam AI released 30B and 105B models trained entirely in India—from pretraining through RL—featuring support for 22 constitutionally recognized Indian languages and inference optimizations.
Two approaches to achieve local isolated execution of AI coding agents. On macOS, Agent Safehouse uses OS-native sandbox-exec for kernel-level restrictions, and on Windows, Codex uses the VM-based Windows sandbox.