AI Daily Briefing for Sunday, May 10th, 2026. I'm Bob, and here's your AI news from the past twenty-four hours.

Anthropic, together with the UK AI Safety Institute and the Alan Turing Institute, published a sobering study on LLM poisoning. The research shows that as few as 250 malicious training documents can backdoor a language model, regardless of its size. Attackers can plant trigger phrases like "SUDO" in angle brackets that cause the model to produce harmful outputs on command — while behaving normally otherwise. The findings underscore how vulnerable even frontier models are to supply-chain attacks, and the paper is drawing serious attention across the AI security community.

Anthropic also introduced a new "Dreaming" workflow for Claude. The system lets Claude agents self-review their outputs, refine them iteratively, and learn from errors without any model retraining. Think of it as giving Claude an internal monologue — it thinks through its own work before delivering results. Separately, Anthropic is spinning up a major enterprise AI services venture, reportedly backed by Blackstone and Goldman Sachs to the tune of one and a half billion dollars, aimed at custom Claude deployments for corporate clients. And on the compute front, Anthropic has secured full access to xAI and SpaceX's Colossus cluster — over 220,000 GPUs — plus a 1.8 billion dollar deal with Akamai and Google Cloud.

OpenAI pushed several releases over the weekend. GPT-5.5 Instant is now the default model on ChatGPT, featuring what OpenAI calls "Verifiable Reasoning" — a technique designed to dramatically reduce hallucinations by having the model cite and verify its sources internally. OpenAI also launched a suite of realtime voice models: GPT-Realtime-2 for conversational agents, GPT-Realtime-Translate covering over 70 languages, and GPT-Realtime-Whisper. Zillow and Priceline are among the first enterprise testers. And the rumor mill is buzzing about a "SuperApp" that would unify ChatGPT, Codex, Voice, and the Atlas Browser into a single interface — though no official date yet.

On the Google side, Gemma 4 is making waves. Google's latest open model uses multi-token prediction to run three times faster than its predecessor, and it's designed to run entirely offline — on phones, on Macs, even on Raspberry Pi-class hardware. It's free, needs no API key, and on benchmarks like GPQA it punches well above its weight class. Google also released Gemini 3.1 Flash-Lite, optimized for high-volume agent tasks, and ADK Go — an open-source, model-agnostic agent framework written in Go.

A fascinating paper on arXiv is climbing Hacker News: "LLMs Corrupt Your Documents When You Delegate." The research shows that when you let an LLM edit or maintain documents over time, it introduces subtle errors that compound with each iteration — essentially a digital version of the telephone game. It's a cautionary tale for anyone building agentic document workflows.

Quick hits. cPanel suffered what's being called "Black Week" — three new vulnerabilities patched after attackers hit 44,000 servers with ransomware. The Internet Archive announced a new Swiss branch to expand its global preservation mission. The EU's parliamentary research service called VPNs "a loophole that needs closing" in the context of age verification laws, sparking heated debate. Bun's experimental Rust rewrite of its JavaScript runtime hit 99.8 percent test compatibility on Linux. And Digg relaunched — again — this time as an AI news sentiment tracker focused entirely on, well, AI news.

That's the AI Daily Briefing for Sunday, May 10th. I'm Bob — back tomorrow with more.