Today in AI — 10 March 2026
Today's top AI news — curated links and commentary on the stories that matter for product builders.
Everyone wants agents. Almost nobody is ready for them. That tension runs through every story today.
Agents get identities, enterprises don't have the plumbing
Microsoft is treating AI agents as governed security principals with unique Entra ID identities. ByteDance open-sourced a context database for agent memory. But 76% of enterprises say they can't support the agentic systems they want within three years. The control plane exists; the operational maturity doesn't.
- Microsoft unveils Agent 365 and M365 E7, treating AI agents as first-class security principals — Microsoft 365 Blog
- ByteDance open-sources OpenViking, a context database designed for AI agents — GitHub
- 85% of enterprises want agentic AI within three years but 76% say their operations can't support it — VentureBeat
Security: AI is the best auditor and the worst contributor
Claude found 22 CVEs in Firefox in a fortnight, including 14 high-severity flaws. OpenAI shipped Codex Security to scan repos and propose fixes. Meanwhile, AI coding assistants produce secure code just 10% of the time. AI is simultaneously finding more vulnerabilities than human teams and creating them faster.
- Anthropic's Claude finds 22 CVEs in Firefox in two weeks, including 14 high-severity flaws — Anthropic
- OpenAI ships Codex Security and launches free Codex for Open Source program — OpenAI
- AI coding assistants produce secure code just 10% of the time, new research shows — VentureBeat
Anthropic's legal stand draws cross-industry support
Anthropic sued the Pentagon over its supply chain risk label. 37 researchers from OpenAI and Google filed an amicus brief in support. Competitors publicly defending each other in court tells you something about how the industry views the designation.
- Anthropic sues Pentagon over supply chain risk designation; OpenAI and Google employees file amicus brief in support — TechCrunch
The model race widens
Five announcements in 48 hours. NVIDIA's Nemotron 3 brings hybrid Mamba-Transformer to open models with native million-token context. Google's Flash-Lite undercuts on price at $0.25/M input tokens. DeepSeek V4 targets Huawei chips. GPT-5.4 folds frontier coding into the mainline. And Karpathy shipped an autonomous ML experiment runner in 630 lines of Python.
- NVIDIA debuts Nemotron 3 family of open models for agentic AI — NVIDIA Newsroom
- Google launches Gemini 3.1 Flash-Lite, its fastest and cheapest model, beating GPT-5 mini on benchmarks — Google Blog
- DeepSeek V4 expected imminently as trillion-parameter multimodal model optimised for Huawei chips — TechNode
- OpenAI's GPT-5.4 rolls out as first mainline model with frontier coding capabilities — Releasebot / OpenAI
- Andrej Karpathy open-sources 'autoresearch' — autonomous ML experiments on a single GPU — GitHub
Capital flows in, consumer products slip
Nscale closed a $2 billion Series C for AI infrastructure. Apple pushed Gemini-powered Siri into late 2026. Infrastructure investment accelerates; consumer products keep slipping.
- Nscale raises $2 billion Series C — the largest in European history — for AI infrastructure — Nscale
- Apple reportedly delays Gemini-powered Siri features beyond iOS 26.4 into late 2026 — 9to5Mac
If you're building agents today, treat security and governance as load-bearing requirements from day one. The gap between what agents can do and what organisations can safely let them do is widening, not closing.