Today in AI — 2 March 2026

Enterprise AI crossed a threshold this week. ServiceNow says 90% of its L1 IT requests now resolve autonomously. AT&T cut inference costs 90% by routing 8 billion daily tokens through smaller models. These aren't demos or benchmarks. They're production systems processing millions of real tickets and calls.

Enterprise AI, by the numbers

ServiceNow is dogfooding its own autonomous resolution engine before selling it externally. AT&T's approach is instructive for anyone running LLMs at scale: route aggressively to smaller models and reserve the frontier for what actually needs it. Microsoft's OPCD framework takes a different angle, baking system prompts directly into model weights to eliminate prompt overhead at inference time.

• ServiceNow resolves 90% of its own IT requests autonomously — now it wants to do the same for any enterprise — VentureBeat
• AT&T slashes AI costs 90% by swapping large models for small ones at 8 billion tokens per day — VentureBeat
• Microsoft's OPCD framework permanently embeds system prompt instructions into model weights — VentureBeat

Agent security is already a crisis

Over 8,000 MCP servers sit exposed on the public internet with zero authentication. A prompt injection vulnerability in GitHub Copilot, dubbed RoguePilot, allowed repository takeover. Check Point disclosed configuration injection flaws in Claude Code. The industry is shipping agent infrastructure faster than it can secure it, and the attack surface grows by the week.

• 8,000+ MCP servers exposed on the public internet with zero authentication — Security Researchers / Medium
• RoguePilot: GitHub Copilot vulnerability enabled repository takeover via hidden prompt injection — The Hacker News
• Check Point discloses critical configuration injection vulnerabilities in Claude Code — Check Point Research

The open-weight arms race

MiniMax claims M2.5 matches Claude Opus at a twentieth of the cost, with open weights. Zhipu AI released GLM-5, a 744-billion-parameter model trained entirely on Huawei chips under MIT licence. Anthropic, meanwhile, accused DeepSeek, Moonshot, and MiniMax of running industrial-scale distillation attacks through thousands of fraudulent accounts. Open weights are proliferating, but the boundary between open competition and IP theft is getting harder to draw.

• MiniMax M2.5 matches Claude Opus at 1/20th the cost with open weights — VentureBeat
• Zhipu AI ships GLM-5: a 744B frontier model trained entirely on Huawei chips under MIT license — The Decoder
• Anthropic accuses DeepSeek, Moonshot, and MiniMax of industrial-scale distillation attacks on Claude — CNBC

What AI means for code

Coding agents now appear in 15–22% of commits across 129,000 GitHub projects. The consequences are uneven: open-source maintainers are closing their doors to AI-generated contributions, IBM's stock crashed on Anthropic's COBOL migration announcement, and Kilo Code Reviewer promises automated PR reviews out of the box. Whether you see this as progress depends on which side of the commit you sit on.

• Vibe coding threatens open source as maintainers close doors to AI-generated contributions — InfoQ
• Coding agents reach 15–22% adoption across 129,000 GitHub projects — ArXiv
• IBM suffers worst single-day stock crash in 25 years after Anthropic COBOL announcement — CNBC
• Kilo Code Reviewer: AI-powered automatic code review on every PR — Product Hunt

Also notable

Apple's Siri overhaul has hit testing problems, pushing LLM-powered features beyond iOS 26.4. For developers planning around on-device AI, timelines are slipping.

• Apple's Siri AI overhaul hits testing snags, features pushed beyond iOS 26.4 — Bloomberg

The enterprise numbers from ServiceNow and AT&T are the story to watch. If 90% autonomous resolution becomes table stakes, the question for product teams shifts from "should we use AI?" to "what's left for humans to do?"

---