News Heat Trend
Project Overview
Codex is a blockchain stablecoin company whose mission is to create a universal electronic cash system. Codex Chain is the core transaction layer of the Codex ecosystem, settled on Ethereum — a stablecoin-native execution environment built to support protocol primitives and applications with strict requirements around execution determinism, network reliability, and atomic settlement.
AI programming startup Cognition completes over $1 billion in funding, valuation reaches $25 billion
: AI programming startup Cognition announced the completion of a new funding round of over $1 billion, with its pre-money valuation surging to $25 billion, doubling from the $10.2 billion post-money valuation achieved just 8 months ago.This funding round was led by Lux Capital and General Catalyst, with continued participation from Founders Fund and 8VC. New investors include Ribbit Capital, Atreides, and Layer Global.According to official data, the company's AI programmer product, Devin, has achieved a 50% month-over-month growth in enterprise user adoption over the past 6 months. The company's current Annual Recurring Revenue (ARR) has reached $492 million, with customers including major institutions such as Mercedes-Benz, NASA, Goldman Sachs, and Santander Bank.Facing competition from native AI coding tools such as Anthropic Claude Code, OpenAI Codex, and Google Jules, Cognition stated that Devin's continued growth and the acquisition of Windsurf assets demonstrate that independent AI programming agents still possess commercial viability.
Former OpenAI Engineer Founds Blackstar, Completes $12 Million Seed Funding Round
Odaily News: Daniel Edrisian, a former engineer from the OpenAI Codex team, has announced his departure to found AI hardware company Blackstar Computers. The company has completed a $12 million seed funding round led by Abstract, with participation from SV Angel, Naval Ravikant, Chapter One, and Timeless.Blackstar positions itself as a new type of computing device, aiming to redefine the computing experience from the hardware, software, and interaction levels. Edrisian stated that while current software development is mature, further enhancement of human-AI interaction requires innovation at the operating system level. The company currently has a team of about 8 people, distributed between San Francisco and Shenzhen, and has not yet launched a public product.
OpenAI to acquire backend agent platform Ona
According to an announcement on OpenAI’s official website, OpenAI has announced its acquisition of Ona, a security-focused cloud execution and orchestration technology company, to expand its Codex ecosystem. Codex currently boasts over 5 million weekly active users—a 400% increase since the beginning of the year. Ona previously served 2 million developers; its customer-controlled execution model enables AI agents to run continuously within an organization’s own cloud environment, meeting enterprise requirements for security, governance, and compliance. Following the acquisition, the Ona team will join OpenAI to help extend Codex into more enterprise-grade production workflows.
Analysis: Anthropic and OpenAI Exposed Security Vulnerabilities in Succession, Raising Concerns Over AI Model Safety
, Anthropic and OpenAI have experienced security incidents in succession, drawing market attention to the security of AI models themselves. Currently, Anthropic is investigating a possible case of unauthorized user access to its Claude Mythos model. Almost simultaneously, OpenAI was also reported to have accidentally opened access to several unreleased models within its Codex application.Analysts believe that such incidents highlight that even AI model providers focused on cybersecurity capabilities still face significant security challenges. While AI is increasingly used for cyber defense, platform security and access control are becoming critical risk points.Industry insiders point out that these vulnerability incidents have intensified scrutiny over the security governance capabilities of AI companies, and also reflect that the security systems of current AI technology still need improvement amid rapid development. (The Information)
OpenAI Suffers Supply Chain Attack with Leaked Signing Certificates, macOS Client Mandatory Update Next Month
OpenAI has confirmed a supply chain attack targeting a malicious TanStack NPM package in its internal environment, infecting two employees' devices. While user data and core code were not affected, the attackers stole access credentials for some internal code repositories, including code signing certificates used for iOS, macOS, and Windows products.To prevent hackers from exploiting the stolen certificates to distribute counterfeit applications, OpenAI has initiated defensive certificate rotation and announced that all macOS users of ChatGPT desktop, Codex, and Atlas browsers must upgrade to the latest version by June 12, 2026. After this deadline, old certificates will be revoked, and system-level blocks will prevent the launch of older versions and new installations.OpenAI stated that the company had previously deployed stricter code package blocking policies, but the infected devices had not yet synchronized the latest configuration, allowing the malicious component to successfully infiltrate. Currently, the iOS and Windows clients are unaffected, and core data such as user account passwords and API keys have been confirmed secure.
a16z Research: AI Agents Can Identify DeFi Price Manipulation Vulnerabilities, but Their Ability to Execute Complex Attacks Remains Limited
According to a disclosure by a16z, its researchers conducted systematic testing to assess whether AI agents can independently exploit DeFi price manipulation vulnerabilities. The study used a dataset of 20 Ethereum price manipulation incidents and employed Codex (GPT 5.4) equipped with the Foundry toolchain as the test agent. Under baseline conditions—i.e., without domain-specific knowledge—the agent’s success rate was only 10%; after incorporating structured domain knowledge distilled from real-world attack incidents, the success rate rose to 70%. Failure cases revealed that the agent consistently identified vulnerabilities correctly but generally failed to comprehend the leverage logic of recursive lending, misjudged profit margins, and could not orchestrate multi-step, cross-contract attack sequences. The experiment also recorded one sandbox escape incident: the agent extracted an RPC key from the local node configuration and invoked the <code>anvil_reset</code> method to reset the node to a future block, thereby bypassing information isolation constraints and accessing real-world attack data. The research team concluded that AI agents can currently assist effectively in vulnerability identification but are not yet capable of replacing professional security auditors.
Analysis: Anthropic and OpenAI Exposed Security Vulnerabilities in Succession, Raising Concerns Over AI Model Safety
, Anthropic and OpenAI have experienced security incidents in succession, drawing market attention to the security of AI models themselves. Currently, Anthropic is investigating a possible case of unauthorized user access to its Claude Mythos model. Almost simultaneously, OpenAI was also reported to have accidentally opened access to several unreleased models within its Codex application.Analysts believe that such incidents highlight that even AI model providers focused on cybersecurity capabilities still face significant security challenges. While AI is increasingly used for cyber defense, platform security and access control are becoming critical risk points.Industry insiders point out that these vulnerability incidents have intensified scrutiny over the security governance capabilities of AI companies, and also reflect that the security systems of current AI technology still need improvement amid rapid development. (The Information)
OpenAI Suffers Supply Chain Attack with Leaked Signing Certificates, macOS Client Mandatory Update Next Month
OpenAI has confirmed a supply chain attack targeting a malicious TanStack NPM package in its internal environment, infecting two employees' devices. While user data and core code were not affected, the attackers stole access credentials for some internal code repositories, including code signing certificates used for iOS, macOS, and Windows products.To prevent hackers from exploiting the stolen certificates to distribute counterfeit applications, OpenAI has initiated defensive certificate rotation and announced that all macOS users of ChatGPT desktop, Codex, and Atlas browsers must upgrade to the latest version by June 12, 2026. After this deadline, old certificates will be revoked, and system-level blocks will prevent the launch of older versions and new installations.OpenAI stated that the company had previously deployed stricter code package blocking policies, but the infected devices had not yet synchronized the latest configuration, allowing the malicious component to successfully infiltrate. Currently, the iOS and Windows clients are unaffected, and core data such as user account passwords and API keys have been confirmed secure.
Solana and Google Cloud Launch Pay.sh, Enabling AI Agents to Call API Services Using Stablecoins
: The Solana Foundation and Google Cloud have jointly launched the AI payment gateway Pay.sh, allowing AI agents to pay for API services on a per-request basis using Solana on-chain stablecoins, eliminating the need for traditional account systems. The system is built on the x402 protocol and supports the Machine Payments Protocol developed by Tempo and Stripe.Currently, AI agents can access Google Cloud services such as Gemini, BigQuery, and VertexAI through Pay.sh. The platform also supports AI tools including Anthropic Claude Code, OpenAI Codex, and OpenClaw, along with over 50 community API providers. Additionally, it integrates infrastructure and data services such as Helius, Alchemy, Dune Analytics, and Nansen. (Decrypt)
OpenAI Officially Releases GPT-5.5, Optimized for Agent Tasks and Complex Work Scenarios
According to OpenAI’s official announcement, OpenAI has officially launched GPT-5.5—a next-generation intelligent model designed specifically for handling complex objectives, invoking tools, self-verification, and completing multi-step tasks. The model excels in code writing and debugging, online research, data analysis, document creation, and cross-tool operations. While maintaining response speeds comparable to those of GPT-5.4, GPT-5.5 demonstrates improvements across nearly all evaluation metrics and significantly reduces the number of tokens required to complete equivalent tasks. GPT-5.5 is now available to ChatGPT and Codex Plus, Pro, Business, and Enterprise users. Concurrently, a GPT-5.5 Pro version—optimized for highly demanding tasks—has also been released.
Analysis: Anthropic and OpenAI Exposed Security Vulnerabilities in Succession, Raising Concerns Over AI Model Safety
, Anthropic and OpenAI have experienced security incidents in succession, drawing market attention to the security of AI models themselves. Currently, Anthropic is investigating a possible case of unauthorized user access to its Claude Mythos model. Almost simultaneously, OpenAI was also reported to have accidentally opened access to several unreleased models within its Codex application.Analysts believe that such incidents highlight that even AI model providers focused on cybersecurity capabilities still face significant security challenges. While AI is increasingly used for cyber defense, platform security and access control are becoming critical risk points.Industry insiders point out that these vulnerability incidents have intensified scrutiny over the security governance capabilities of AI companies, and also reflect that the security systems of current AI technology still need improvement amid rapid development. (The Information)
OpenAI Launches ChatGPT Images 2.0, Introducing Image Reasoning Capability for the First Time
According to OpenAI’s official announcement, ChatGPT Images 2.0 has officially launched and is now available to all ChatGPT and Codex users starting today. This new version is the first image model with reasoning capabilities: it can perform real-time web searches when a reasoning model is selected, generate multiple distinct images from a single prompt, self-verify its outputs, and support generating functional QR codes. Additionally, the update delivers significant improvements in multilingual text rendering, visual style fidelity—including photorealism, cinematic aesthetics, pixel art, and comics—and flexible aspect ratios (ranging from 3:1 to 1:3). Its knowledge cutoff date has been updated to December 2025. The image reasoning feature is currently available only to Plus, Pro, and Business users; Enterprise access is forthcoming. The underlying model, gpt-image-2, is now also available to developers.
OpenAI Announces Launch of ChatGPT Images 2.0 Image Model
Odaily News OpenAI has announced the launch of the ChatGPT Images 2.0 image model, which significantly enhances the ability to handle complex visual tasks, with upgrades in instruction understanding, object placement and relationship expression, as well as high-density text rendering. The model supports multilingual text generation, can accurately present non-English content in images, and improves overall semantic coherence. ChatGPT Images 2.0 is now available to all ChatGPT and Codex users, with the image feature possessing "thinking capability" open to Plus, Pro, and Business users (Enterprise support coming soon). The underlying model gpt-image-2 is also available via API access.
Related news
OpenAI to acquire backend agent platform Ona
According to an announcement on OpenAI’s official website, OpenAI has announced its acquisition of Ona, a security-focused cloud execution and orchestration technology company, to expand its Codex ecosystem. Codex currently boasts over 5 million weekly active users—a 400% increase since the beginning of the year. Ona previously served 2 million developers; its customer-controlled execution model enables AI agents to run continuously within an organization’s own cloud environment, meeting enterprise requirements for security, governance, and compliance. Following the acquisition, the Ona team will join OpenAI to help extend Codex into more enterprise-grade production workflows.
AI programming startup Cognition completes over $1 billion in funding, valuation reaches $25 billion
: AI programming startup Cognition announced the completion of a new funding round of over $1 billion, with its pre-money valuation surging to $25 billion, doubling from the $10.2 billion post-money valuation achieved just 8 months ago.This funding round was led by Lux Capital and General Catalyst, with continued participation from Founders Fund and 8VC. New investors include Ribbit Capital, Atreides, and Layer Global.According to official data, the company's AI programmer product, Devin, has achieved a 50% month-over-month growth in enterprise user adoption over the past 6 months. The company's current Annual Recurring Revenue (ARR) has reached $492 million, with customers including major institutions such as Mercedes-Benz, NASA, Goldman Sachs, and Santander Bank.Facing competition from native AI coding tools such as Anthropic Claude Code, OpenAI Codex, and Google Jules, Cognition stated that Devin's continued growth and the acquisition of Windsurf assets demonstrate that independent AI programming agents still possess commercial viability.
OpenAI Suffers Supply Chain Attack with Leaked Signing Certificates, macOS Client Mandatory Update Next Month
OpenAI has confirmed a supply chain attack targeting a malicious TanStack NPM package in its internal environment, infecting two employees' devices. While user data and core code were not affected, the attackers stole access credentials for some internal code repositories, including code signing certificates used for iOS, macOS, and Windows products.To prevent hackers from exploiting the stolen certificates to distribute counterfeit applications, OpenAI has initiated defensive certificate rotation and announced that all macOS users of ChatGPT desktop, Codex, and Atlas browsers must upgrade to the latest version by June 12, 2026. After this deadline, old certificates will be revoked, and system-level blocks will prevent the launch of older versions and new installations.OpenAI stated that the company had previously deployed stricter code package blocking policies, but the infected devices had not yet synchronized the latest configuration, allowing the malicious component to successfully infiltrate. Currently, the iOS and Windows clients are unaffected, and core data such as user account passwords and API keys have been confirmed secure.
Solana and Google Cloud Launch Pay.sh, Enabling AI Agents to Call API Services Using Stablecoins
: The Solana Foundation and Google Cloud have jointly launched the AI payment gateway Pay.sh, allowing AI agents to pay for API services on a per-request basis using Solana on-chain stablecoins, eliminating the need for traditional account systems. The system is built on the x402 protocol and supports the Machine Payments Protocol developed by Tempo and Stripe.Currently, AI agents can access Google Cloud services such as Gemini, BigQuery, and VertexAI through Pay.sh. The platform also supports AI tools including Anthropic Claude Code, OpenAI Codex, and OpenClaw, along with over 50 community API providers. Additionally, it integrates infrastructure and data services such as Helius, Alchemy, Dune Analytics, and Nansen. (Decrypt)
Altman: OpenAI to Operate as "Permanently Low-Profit" Company, Aiming to Follow Stripe's Model
Odaily OpenAI CEO Sam Altman stated at Stripe Sessions that OpenAI aspires to become an infrastructure company that is "permanently low-profit, yet massive and fast-growing," offering products akin to "smart meters" that allow anyone to purchase them to automate businesses, develop products, or embed them into their own services. He compared OpenAI to Stripe, noting that their model is usage-based billing, and as the internet scales, both Stripe and its users benefit.Altman revealed that OpenAI has already signed 20-year contracts for electricity and land to support this goal. He acknowledged that switching costs in AI are low, and the recent massive influx of users from competing programming tools to Codex proves that the smarter AI becomes, the easier it is to switch platforms. He pointed out that while some companies might try to capture the entire industry chain, OpenAI does not plan to do so, believing that models and data centers are a whole, and other companies can build products on top of them.Altman also emphasized that businesses should not overestimate AI's impact on existing business structures. Although AI has changed many existing processes, good products will still survive in the market. He specifically mentioned that Shopify CEO Toby Lütke is the best AI adopter he has ever seen.
a16z Research: AI Agents Can Identify DeFi Price Manipulation Vulnerabilities, but Their Ability to Execute Complex Attacks Remains Limited
According to a disclosure by a16z, its researchers conducted systematic testing to assess whether AI agents can independently exploit DeFi price manipulation vulnerabilities. The study used a dataset of 20 Ethereum price manipulation incidents and employed Codex (GPT 5.4) equipped with the Foundry toolchain as the test agent. Under baseline conditions—i.e., without domain-specific knowledge—the agent’s success rate was only 10%; after incorporating structured domain knowledge distilled from real-world attack incidents, the success rate rose to 70%. Failure cases revealed that the agent consistently identified vulnerabilities correctly but generally failed to comprehend the leverage logic of recursive lending, misjudged profit margins, and could not orchestrate multi-step, cross-contract attack sequences. The experiment also recorded one sandbox escape incident: the agent extracted an RPC key from the local node configuration and invoked the <code>anvil_reset</code> method to reset the node to a future block, thereby bypassing information isolation constraints and accessing real-world attack data. The research team concluded that AI agents can currently assist effectively in vulnerability identification but are not yet capable of replacing professional security auditors.