Top stories

  1. Leaked OpenAI 2025 financials, verified by the Financial Times, show a 38.5B USD net loss Leaked audited 2025 financial documents, first surfaced by Ed Zitron and independently verified by the Financial Times, report OpenAI revenue of 13.07B USD against total costs of 34B USD, with a net loss of 38.53B USD. Revenue more than tripled from roughly 3.7B USD in 2024. The headline net loss includes a 41.55B USD non-cash charge tied to the nonprofit-to-for-profit conversion; the underlying operating loss was about 20.9B USD, and some analysts put the cash operating loss nearer 8B USD. Research and development was the largest line at 19.18B USD, and OpenAI paid Microsoft 17.2B USD for compute and research. OpenAI has not confirmed or disputed the figures during its pre-IPO quiet period.
  2. Z.ai publishes GLM-5.2 open weights under MIT on Hugging Face Z.ai (Zhipu) published the GLM-5.2 open-weight checkpoint on Hugging Face under the MIT license, fulfilling the open-weight release promised at the 2026-06-13 announcement. The repository lists a 753B-parameter mixture-of-experts model in BF16 and F32 tensors with a 1M-token context window and an "IndexShare" attention design that reuses one indexer across every four sparse attention layers. Community quantized variants for llama.cpp, Ollama, and LM Studio appeared within hours. Vendor and secondary coding-benchmark numbers remain unreproduced and should be treated as developing.
  3. Tesco moves to migrate about 40,000 workloads off VMware amid its Broadcom dispute Reporting on 2026-06-17, drawn from Tesco's UK High Court filings against Broadcom and reseller Computacenter, says the retailer is migrating about 40,000 server workloads off VMware and aims to be fully off by the end of 2027, which it describes as its earliest feasible date. Tesco bought VMware perpetual licenses plus Tanzu subscription and support in January 2021 with a four-year extension option; it alleges Broadcom declared the perpetual software end-of-life, moved to subscription-only bundles, and refused the extension. Tesco runs tills, logistics, and supply-chain systems on the estate and seeks more than 100M GBP in damages. The replacement platform is not publicly named; the filings note it is incompatible with Tesco's existing Veeam and Zerto backup and disaster-recovery tooling.

AI

  1. OpenAI and Molecule.one report a near-autonomous AI chemist improving a hard coupling reaction OpenAI and Molecule.one published a write-up on 2026-06-17 describing GPT-5.4 driving improvement of the Chan-Lam coupling, specifically a difficult variant with primary sulfonamides that historically gives low yields. The model reviewed literature, generated and ranked proposals, designed experiments, and analyzed results, while human chemists steered the work and validated outcomes in Molecule.one's microliter high-throughput-experimentation wet lab. The system proposed TEMPO as an additive, which the team had not previously considered. Across roughly 10,080 reactions, yields improved for a majority of substrates tested; human chemists manually repeated 14 representative reactions and reported 11 with higher yield. The full cycle took about 2.5 months.

Agentic coding

  1. Cloudflare opens its Agents SDK primitives to outside frameworks, starting with Flue Cloudflare announced on 2026-06-17 that it is exposing the Agents SDK primitives, including durable execution, to outside agent frameworks and harnesses, with Flue as the first supported framework. Flue is an open-source TypeScript agent framework from the team behind Astro that reached a 1.0 beta on 2026-06-16; it is headless and programmable, triggered by API calls, webhooks, or cron, and deployable to Node.js or Cloudflare Workers. Cloudflare frames a three-layer stack: a framework such as Flue for project structure, a harness for the agentic loop, and the Agents SDK for durable primitives.
  2. Alex Ellis argues a local Qwen is a different tool from Opus, not a worse one Alex Ellis published a write-up on 2026-06-18 on running local Qwen coding models on owned hardware: an RTX 6000 Pro Blackwell with 96GB VRAM plus two RTX 3090s, two llama.cpp instances at the full 262,144-token context with an F16 KV cache, generating about 67 tokens per second and 130 to 200 with speculative decoding. His thesis is that a local 27B Qwen is not a cheaper near-Opus but a different tool, strong on bounded tasks such as customer diagnostics, telemetry and revenue-anomaly review, and codebase explanation, and weak on long-horizon unsupervised work, concurrency, and some Go generation. He calls infinite looping the model's worst failure mode, where it repeats suggestions or stalls at a capability boundary and needs manual supervision. The post cites Qwen at 77.2 percent on SWE-Bench Verified against 88.6 percent for Claude Opus 4.8; the figures are as stated in the post, not independently reproduced.

Security

  1. Fortinet FortiSandbox flaws under active exploitation after April patches Three FortiSandbox vulnerabilities are under active exploitation, first reported on 2026-06-16. CVE-2026-39813 (CVSS 9.8) is a path traversal and authentication bypass in the FortiSandbox JRPC API that lets an unauthenticated remote attacker read sensitive system data such as configuration backups, serial numbers, and version details through crafted HTTP requests; CVE-2026-39808 and CVE-2026-25089 are the other two. Affected versions are FortiSandbox 5.0.0 to 5.0.5 and 4.4.0 to 4.4.8. Fortinet patched the flaws in April 2026; fixed releases are 5.0.6 and 4.4.9. Researchers observed exploitation against decoy infrastructure over port 443 via crafted JSON-RPC POST requests. The CVEs are not yet in the CISA KEV catalog.
  2. Researcher finds about 10,000 GitHub repositories distributing Trojan archives A researcher published a write-up on 2026-06-18 identifying about 10,000 GitHub repositories that distribute Trojan malware through README links to zip archives. Each repository is a fresh non-fork that copies a legitimate repository's commit history and contributor profiles to look credible, then every few hours deletes the previous commit and pushes a new "Update README.md" commit that changes only the README to point at a trojanized zip. Scanning the archive URL on VirusTotal returns nothing, while scanning the zip itself detects the Trojan. The author found the repositories by filtering GHArchive event data for the commit-frequency and README-only pattern, published the full list, and released a Git Malware Finder script. Some repositories have persisted for over a year, and GitHub does not auto-remove them. The author notes API limits mean the true count likely exceeds 10,000.
  3. Node.js ships coordinated security releases patching 11 CVEs Node.js published coordinated security releases on 2026-06-18 at 04:37 UTC across its maintained lines: v26.3.1 (Current) and the LTS lines v24.17.0 and v22.23.0. They patch 11 CVEs, two rated High: CVE-2026-48618, where the TLS server-identity check failed to normalize the hostname, and CVE-2026-48933, a missing output-length guard in the WebCrypto cipher path. Medium-severity fixes cover case-sensitive TLS SNI context matching (CVE-2026-48928), binding reusable TLS sessions to the authenticated host (CVE-2026-48934), unbounded HTTP/2 originSet memory growth (CVE-2026-48619), rejection of hostnames with embedded NUL bytes in dns and net (CVE-2026-48930), and redaction of proxy credentials in tunnel errors (CVE-2026-48615). Low-severity fixes harden the permission model and fix response-queue poisoning in http.Agent (CVE-2026-48931). The releases also bundle OpenSSL 3.5.7, llhttp 9.4.2, and undici 8.5.0. No active exploitation was reported at release.
  4. AMD removes TSME memory encryption from consumer Ryzen CPUs in a firmware update A newer AGESA firmware (1.2.7.0) disabled Transparent Secure Memory Encryption (TSME) on consumer Ryzen parts without a visible change in the BIOS, which still shows the TSME toggle. The behavior was found by a Linux user, Ben Kilpatrick, on a Ryzen 7 9700X when Host Security ID reported TSME unsupported despite the BIOS option being enabled; the firmware flag DfIsTsmeEnabled is now set FALSE for consumer parts and remains TRUE for PRO and EPYC parts. TSME encrypts all of RAM under firmware with no OS involvement and, when active, blocks physical attacks such as cold-boot exploits, DRAM-interface snooping, and reading a removed memory module on another machine. AMD declined to answer detailed questions beyond stating that TSME "is a security feature only applied to PRO CPUs as part of AMD PRO Technologies," the first known explicit statement of that restriction; AMD engineers had previously recommended TSME on consumer parts in 2020 and 2025.

Outages

  1. OpenAI reports ChatGPT load failures and Enterprise SSO errors on 2026-06-18 OpenAI's status history records two incidents on 2026-06-18. ChatGPT failing to load or save conversations began about 03:55 UTC and was later marked fully recovered. SSO login errors for some ChatGPT Enterprise workspaces began about 09:59 UTC; OpenAI reported it had applied a mitigation and was monitoring recovery at fetch time. No root cause was published.
  2. OpenAI logs mobile-app and FedRAMP-workspace incidents on 2026-06-17 OpenAI's status history records two incidents on 2026-06-17: errors with conversations on Android and iOS devices, later marked fully recovered, and degraded performance for FedRAMP workspaces and API organizations. User-visible impact was failed or degraded conversations on the affected surfaces. No root cause was published.

Developer tools

  1. Otty, a commercial native macOS terminal, ships with agent-first framing A Show HN surfaced Otty, a native, GPU-accelerated macOS terminal for Apple Silicon and Intel, with Windows, Linux, and iOS waitlists. Marketed features include GPU-accelerated scrolling, ligatures, 24-bit color, inline images, clickable file and URL links, session recovery, tabs and splits, and first-class support for coding agents running in the terminal. The site lists pricing and a license agreement; the project is commercial and does not state that it is open source, unlike Ghostty, WezTerm, and Alacritty. Implementation stack and version are not disclosed.
  2. Emacs 31.0.90 pretest highlights tree-sitter defaults and an editable xref workflow The first Emacs 31 pretest, 31.0.90, was announced on the emacs-devel list in June 2026. A practitioner write-up that reached the HN front page on 2026-06-18 details the changes being daily-driven: treesit-enabled-modes set to t switches the major modes that have a tree-sitter variant over to it; treesit-auto-install-grammar offers to fetch and build a missing grammar instead of erroring; grammar sources for languages such as TypeScript, TSX, Rust, TOML, YAML, and Dockerfile now live inside the modes; and a new command xref-export-to-grep, bound to E in xref buffers, gives an editable grep-and-dired-style workflow. This is a pretest, not a final release.

Languages and runtimes

  1. Kerkour argues stdx stays off crates.io for supply-chain reasons Sylvain Kerkour published a post explaining why stdx, an extended Rust standard-library project focused on simplicity, performance, and supply-chain security, is deliberately not published to crates.io. The argument is that importing directly from source via Git avoids centralized-registry namespace squatting and reduces supply-chain risk, continuing Kerkour's earlier thesis on Rust dependency exposure. The post is opinion, not a registry policy change.

Apple platforms

  1. NetNewsWire maintainer reports a year of modernization, not a sunset Brent Simmons posted a status update on the open-source macOS and iOS RSS reader NetNewsWire on 2026-06-15. He describes a year out of retirement spent on modernization rather than features: about 2,188 commits, migration to Swift structured concurrency and async-await, adoption of the Liquid Glass UI, performance and bug fixes, new diagnostics such as iCloud Storage Stats and an error log, and a move from Slack to a public Discourse forum. There is no maintainer search and no sunsetting. HN discussion framing it as a project in trouble misreads the post.

Infrastructure

  1. Prometheus 3.5.4 LTS patches a plaintext secret-exposure flaw Prometheus released v3.5.4 on 2026-06-17, a backported security patch on the 3.5 LTS line. It fixes GHSA-39j6-789q-qxvh, where secrets were exposed in plaintext through the /-/config endpoint in STACKIT service discovery, and bumps golang.org/x/net to v0.55.0 and OpenTelemetry to v1.43.0 to address Go advisories GO-2026-5026, GO-2026-4918, and GO-2026-4985, plus UI dependency updates. Container images are now also published to ghcr.io. The advisory carries no CVE id or stated CVSS score at release.

Engineering posts

  1. Browser Use details sub-second browser starts on nested Firecracker microVMs in EC2 Browser Use published an engineering write-up on 2026-06-15 on running Firecracker microVMs nested inside regular EC2 instances rather than on bare-metal, trading nested-virtualization overhead for faster provisioning and lower cost. Browsers resume from a VM snapshot paused just before Chromium launches, cutting initial restore from 9.8s to 3.1s. The team raised the guest page size from 4KB to 2MB and added a custom userfaultfd handler that preloads pages Chromium touches early, reducing page faults by about 91x. vCPUs are unpinned during launch then pinned to stable cores with real-time priority. A custom control plane handles fleet monitoring and placement without CloudWatch, and edge routers forward WebSocket connections to the placed VM. Reported metrics are VM cold start under 400ms, end-to-end browser creation at 825ms p50 and 1.35s p99, and cost cut from 0.06 to 0.02 USD per browser-hour.

Markets and companies

  1. DOJ moves to shield xAI gas turbines as national and energy security TechCrunch reported on 2026-06-16 that the US Department of Justice moved to intervene in a Clean Air Act lawsuit over xAI's unpermitted gas turbines powering its Colossus data centers near Memphis, arguing that a shutdown would harm national, economic, and energy security. A Department of Defense official said Grok is one of four proprietary models supporting classified operations. The engineering-adjacent angle is data-center power procurement and permitting for AI training capacity.

Hacker News

  1. OpenRouter Royale pits eleven models in a battle-royale agent demo An OpenRouter post titled "Royale: Last Agent Standing" reached the front page on 2026-06-17. It pits eleven models, including Claude Sonnet 4.6, Grok 4.1 Fast, GPT-5.4, Gemini, DeepSeek, Qwen, and Mistral variants, in a 2D battle-royale game across 30 matches, with agents acting through 17 tools and editing persona and memory files between matches. The post reports Grok 4.1 Fast winning 13 of 30 games at about 0.97 USD per win against Claude Sonnet 4.6 at 5 wins and 26.78 USD per win, framing it as cost efficiency.
  2. Midjourney Medical draws heavy skepticism over false positives and image quality Midjourney, the AI image-generation company, announced a full-body ultrasound imaging concept: submerging a person in water inside a ring of thousands of transducers to produce an AI-reconstructed 3D body scan in about 60 seconds without radiation, aimed at very cheap mass screening. The thread reached the HN front page on 2026-06-18 with 425 points.