June 2, 2026
Today's top tech stories, deduped across the newsletters I read and briefly summarized. Click a source to open the original article.
AI
Microsoft prepares Copilot super app for Build 2026
Leaked screenshots show Microsoft plans to unify GitHub Copilot, Cowork, and the always-on Scout agent into a single Copilot app, likely debuting at Build 2026. The move aims to boost weak adoption by consolidating scattered tools into one place.
NVIDIA at Computex 2026: N1X chip and Vera Rubin platform
NVIDIA plans to unveil the N1X laptop chip with 20 ARM cores and an RTX 5070-equivalent GPU at Computex 2026, alongside the Vera Rubin AI platform for datacenters. The company is targeting improved VRAM allocation for AI applications and aims to solidify its position in the AI market.
xAI launches grok-build-0.1 in public beta for agentic coding
xAI's grok-build-0.1 is now in public beta via the API, built specifically for agentic coding tasks such as web development and debugging. The model processes over 100 tokens per second and is priced at $1 per million input tokens and $2 per million output tokens.
NVIDIA Cosmos 3 and Alpamayo target physical AI development
NVIDIA released Cosmos 3, a platform for building reasoning, world, and action models for physical AI systems like robots and autonomous vehicles, along with the Alpamayo framework for closed-loop post-training of vehicle policies. Both are designed to close the gap between model training and real-world deployment.
AI is replacing internships as tech openings for students drop 30%
Open tech internship positions have fallen 30% since 2023 as companies use AI to handle tasks previously assigned to junior hires, breaking the traditional entry-level pipeline. At the same time, the AI job market is booming at the senior level, widening the gap between entry-level and experienced roles.
Security
Attackers chain FortiClient EMS flaw to deploy infostealer malware
Threat actors are exploiting CVE-2026-35616, an unauthenticated improper access-control flaw in FortiClient EMS versions 7.4.5 and 7.4.6, to modify VPN policies and trigger malicious batch scripts seconds after an IPsec tunnel is established. The attack chain requires no user interaction and delivers credential-stealing malware.
Fake Anthropic sites deliver fileless infostealer to Claude Code users
A ClickFix campaign uses SEO-poisoned 'claude code install' search results to direct victims to spoofed Anthropic pages, where they are tricked into pasting an mshta.exe command that fetches and executes malware disguised as an MP3 file. The infostealer operates entirely in memory, leaving no files on disk.
Dutch police dismantle botnet of more than 17 million devices
Dutch police and the National Cyber Security Center took down a botnet controlling over 17 million devices through 200 servers hosted in the Netherlands, linked to Russia-based residential proxy provider ASOCKS. Investigators seized the botnet servers and found overlaps with previously known proxy operations.
Critical RCE bug in open-source Gogs git service remains unpatched as exploit code drops
A CVSS 9.4-rated authenticated RCE in Gogs lets any logged-in user execute arbitrary commands via argument injection in the pull request merge flow on Windows, Linux, and macOS. Rapid7 disclosed the flaw in March and has now published an exploit module, but no official patch is available yet.
Palo Alto GlobalProtect auth bypass under active exploitation
Palo Alto Networks has warned that attackers are actively exploiting an authentication bypass vulnerability in GlobalProtect VPN, and CISA has added it to its Known Exploited Vulnerabilities catalog. Organizations are urged to patch immediately.
Dev
Figma Make now works directly in your production codebase
Figma Make now lets designers make visual edits, add annotations, and create pull requests directly inside their production codebase without leaving Figma. The feature is launching in limited beta and will not consume credits during the testing period.
Other
Blue Origin New Glenn failure deals severe blow to NASA and US space industry
A failed New Glenn rocket test has caused significant damage to Blue Origin's launch site, leaving the company with no backup pad for the vehicle. The failure is described as catastrophic for NASA and large parts of the US space industry.