惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

C
Check Point Blog
GbyAI
GbyAI
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
U
Unit 42
美团技术团队
NISL@THU
NISL@THU
C
Cisco Blogs
SecWiki News
SecWiki News
N
Netflix TechBlog - Medium
Forbes - Security
Forbes - Security
Cloudbric
Cloudbric
雷峰网
雷峰网
T
Tailwind CSS Blog
博客园 - 司徒正美
The Register - Security
The Register - Security
L
LangChain Blog
S
Security Affairs
Hacker News - Newest:
Hacker News - Newest: "LLM"
B
Blog
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
T
Threat Research - Cisco Blogs
I
InfoQ
S
Schneier on Security
L
Lohrmann on Cybersecurity
量子位
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Martin Fowler
Martin Fowler
Schneier on Security
Schneier on Security
F
Fortinet All Blogs
TaoSecurity Blog
TaoSecurity Blog
K
Kaspersky official blog
Google DeepMind News
Google DeepMind News
Cisco Talos Blog
Cisco Talos Blog
PCI Perspectives
PCI Perspectives
Attack and Defense Labs
Attack and Defense Labs
WordPress大学
WordPress大学
Microsoft Azure Blog
Microsoft Azure Blog
H
Help Net Security
Project Zero
Project Zero
The GitHub Blog
The GitHub Blog
D
Docker
N
News | PayPal Newsroom
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
H
Hacker News: Front Page
云风的 BLOG
云风的 BLOG
Microsoft Security Blog
Microsoft Security Blog
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
博客园 - 聂微东
Webroot Blog
Webroot Blog
MongoDB | Blog
MongoDB | Blog

VentureBeat

Anthropic says it hit a $30 billion revenue run rate after 'crazy' 80x growth OpenAI voice models get GPT-5-class reasoning AI agent identity: how to govern agentic AI in 6 stages Anthropic wants to own your agent's memory, evals, and orchestration — and that should make enterprises nervous Enterprise GPU utilization: why 95% of AI infrastructure spend is wasted Governance, not gatekeeping: How SAP brings enterprise‑grade safety to AI connectivity Anthropic introduces "dreaming," a system that lets AI agents learn from their own mistakes RL orchestration: how a 7B model routes tasks across GPT-5, Claude, and Gemini Meet ZAYA1-8B, a super efficient open reasoning model trained on AMD Instinct MI300 GPUs Anthropic Skill scanners passed every check. The malicious code rode in on a test file. Why AI breaks without context — and how to fix it Market research is too slow for the AI era, so Brox built 60,000 identical 'digital twins' of real people you can survey instantly, repeatedly The app store for robots has arrived: Hugging Face launches open-source Reachy Mini App Store with 200+ apps Scaling AI into production is forcing a rethink of enterprise infrastructure Miami startup Subquadratic claims 1,000x AI efficiency gain with SubQ model; researchers demand independent proof. GPT-5.5 Instant shows you what it remembered — just not all of it One command turns any open-source repo into an AI agent backdoor. OpenClaw proved no supply-chain scanner has a detection category for it AI agents are missing all the discussions your team is having. SageOX has an answer: agentic context infrastructure OpenAI turns its sold-out GPT-5.5 party into a monthlong Codex giveaway for 8,000 developers Inside AMEX’s agentic commerce stack: How intent contracts and single-use tokens enforce AI transactions Microsoft takes Agent 365 out of preview as shadow AI becomes an enterprise threat The RAG era is ending for agentic AI — a new compilation-stage knowledge layer is what comes next Salesforce Agentforce Operations fixes workflows breaking enterprise AI MCP command execution flaw: what security teams need to know The scaffolding era is over. LlamaIndex says context is the new moat xAI launches Grok 4.3 at an aggressively low price and a new, fast, powerful voice cloning suite Hidden IT problems are quietly creating risk, shadow IT, and lost productivity Alibaba's HDPO cuts AI agent tool overuse from 98% to 2% One tool call to rule them all? New open source Python tool Runpod Flash eliminates containers for faster AI dev Why OpenAI's 'goblin' problem matters — and how you can release the goblins on your own AI coding agents breached: attackers targeted credentials, not models | VentureBeat Writer launches AI agents that can act without prompts, taking on Amazon, Microsoft and Salesforce Netomi raises $110 million as Accenture and Adobe bet on AI for customer service Cheaper tokens, bigger bills: The new math of AI infrastructure Amazon’s OpenAI gambit signals a new phase in the cloud wars — one where exclusivity no longer applies Enterprise RAG rebuild: hybrid retrieval adoption tripled in Q1 2026 IBM launches Bob with multi-model routing and human checkpoints to turn AI coding into a secure production system AWS Quick's knowledge graph creates an orchestration blind spot Why enterprise GPU utilization is stuck at 5% — and why the fix makes it worse Definity embeds agents inside Spark pipelines to catch failures before they reach agentic AI systems How to build custom reasoning agents with a fraction of the compute American AI startup Poolside launches free, high-performing open model Laguna XS.2 for local agentic coding Mistral AI launches Workflows, a Temporal-powered orchestration engine already running millions of daily executions Microsoft and OpenAI gut their exclusive deal, freeing OpenAI to sell on AWS and Google Cloud Open source Xiaomi MiMo-V2.5 and V2.5-Pro are among the most efficient (and affordable) at agentic 'claw' tasks AI framework autonomously outperforms human-designed R&D baselines Why supply chains are the proving ground for automation‑led iPaaS RAG precision tuning can quietly cut retrieval accuracy by 40%, putting agentic pipelines at risk Enterprises are obsessing over model accuracy while ignoring the infrastructure layer where AI systems actually break. Monitoring LLM behavior: Drift, retries, and refusal patterns CVSS vulnerability triage: 5 failures, 5 fixes DeepSeek-V4 arrives with near state-of-the-art intelligence at fraction of the cost of Opus 4.7, GPT-5.5 85% of enterprises are running AI agents. Only 5% trust them enough to ship. AI synthetic audiences are already here and poised to upend the consulting industry Mystery solved: Anthropic reveals changes to Claude's harnesses and operating instructions likely caused degradation OpenAI's GPT-5.5 is here, and it's no potato: narrowly beats Anthropic's Claude Mythos Preview on Terminal-Bench 2.0 New startup BAND debuts agentic mesh with deterministic routing to govern multiple enterprise AI agents across model providers, channels OpenAI unveils Workspace Agents, a successor to custom GPTs for enterprises that can plug directly into Slack, Salesforce and more Google and AWS split the AI agent stack between control and execution Are you paying an AI ‘swarm tax’? Why single agents often beat complex systems OpenAI launches Privacy Filter, an open source, on-device data sanitization model that removes personal information from enterprise datasets Google doesn't pay the Nvidia tax. Its new TPUs explain why. Salesforce’s Agentforce Vibes 2.0 targets a hidden failure: context overload in AI agents Google’s Gemini can now run on a single air-gapped server — and vanish when you pull the plug The modern data stack was built for humans asking questions. Google just rebuilt its for agents taking action. Google’s new Deep Research and Deep Research Max agents can search the web and your private data Vercel breach exposes the OAuth gap most security teams cannot detect, scope or contain The AI governance mirage: Why 72% of enterprises don’t have the control and security they think they do OpenAI's ChatGPT Images 2.0 is here and it does multilingual text, full infographics, slides, maps, even manga — seemingly flawlessly Kimi K2.6 runs agents for days — and exposes the limits of enterprise orchestration What AI model should you use for revenue intelligence? Von says all the big ones, and it will automate mixing and matching for you Three AI coding agents leaked secrets through a single prompt injection. One vendor's system card predicted it Train-to-Test scaling explained: How to optimize your end-to-end AI compute budget for inference AI agent security maturity audit: enterprises funded stage one, stage-three threats arrived anyway Anthropic just launched Claude Design, an AI tool that turns prompts into prototypes and challenges Figma Should my enterprise AI agent do that? NanoClaw and Vercel launch easier agentic policy setting, approval dialogs for messaging apps Salesforce launches Headless 360 to turn its entire platform into infrastructure for AI agents Are we getting what we paid for? How to turn AI momentum into measurable value OpenAI debuts GPT-Rosalind, a new limited access model for life sciences, and broader Codex plugin on Github OpenAI drastically updates Codex desktop app to use all other apps on your computer, generate images, preview webpages Anthropic releases Claude Opus 4.7, narrowly retaking lead for most powerful generally available LLM AI lowered the cost of building software. Enterprise governance hasn’t caught up Microsoft patched a Copilot Studio prompt injection. The data exfiltrated anyway Frontier models are failing one in three production attempts — and getting harder to audit Meta researchers introduce 'hyperagents' to unlock self-improving AI for non-coding tasks We tested Anthropic’s redesigned Claude Code desktop app and 'Routines' -- here's what enterprises should know AI's next bottleneck isn't the models — it's whether agents can think together Adobe’s new Firefly AI Assistant wants to run Photoshop, Premiere, Illustrator and more from one prompt Traza raises $2.1 million led by Base10 to automate procurement workflows with AI Agentic coding at enterprise scale demands spec-driven development Designing the agentic AI enterprise for measurable performance Five signs data drift is already undermining your security models Your developers are already running AI locally: Why on-device inference is the CISO’s new blind spot AI agent credentials live in the same box as untrusted code. Two new architectures show where the blast radius actually stops. Intuit compressed months of tax code implementation into hours — and built a workflow any regulated-industry team can adapt OpenAI introduces ChatGPT Pro $100 tier with 5X usage limits for Codex compared to Plus Mythos autonomously exploited vulnerabilities that survived 27 years of human review. Security teams need a new detection playbook Claude, OpenClaw and the new reality: AI agents are here — and so is the chaos Goodbye, Llama? Meta launches new proprietary AI model Muse Spark — first since Superintelligence Labs' formation LLM-referred traffic converts at 30-40% — and most enterprises aren't optimizing for it
NanoClaw's creators are turning the secure, open source AI agent harness into an enterprise 'second brain'
carl.franzen · 2026-05-20 · via VentureBeat

The creators of NanoClaw — the hit open source, enterprise-friendly variant of autonomous AI agent harness OpenClaw — are moving towards commercializing their technology for enterprises at scale, aiming to provide them with secure AI agents, and an ever-updating library of workplace context, for each human employee the enterprise has approved.

The duo, including former Wix.com engineer Gavriel Cohen and his brother Lazer Cohen, also founder of tech public relations firm Concrete Media, shared with VentureBeat that their new startup, NanoCo AI, has received a $12 million oversubscribed seed round was led by Valley Capital Partners.

The round features a roster of strategic backers that reads like an enterprise infrastructure all-star team, including Docker, Vercel, monday.com, Factorial Capital, and Hugging Face CEO and founder Clem Delangue.

Buoyed by the seed round, NanoCo AI wants to move beyond basic automation to offer every enterprise worker a secure "professional assistant." Yet they are still committed to building out and maintaining NanoClaw as an MIT Licensed, enterprise-friendly, open source standard — just offering specialized commercial managed services integration atop it.

The new killer use case: an informed, ever-updating personal assistant for each human worker

Gavriel, now CEO of NanoCo AI, sees this personalized approach as the ultimate unlock for the modern worker.

“The killer use case is the the one to one we're calling it professional assistant,” Cohen explained in a recent exclusive interview with VentureBeat. "If you can give someone an agent and make them twice, three times as effective, then you probably want more people as well, right?"

He noted that as users forward emails, documents, and call notes to the agent, it systematically builds an "LLM wiki" — similar to the "LLM Knowledge Base" concept articulated by influential AI researcher Andrej Karpathy — effectively creating a dynamic knowledge graph of the user's specific job and projects.

This persistent memory allows the agent to shift from simply answering questions to actively transforming information and executing first drafts that rival human output.

Cohen emphasized that NanoClaw acts as a massive productivity multiplier rather than a headcount replacement.

One-to-one secure 'lobster' AI

NanoCo’s core offering is a one-to-one professional AI assistant designed to shadow employees, draft contracts, review code, and manage accounts directly within tools like Slack and Microsoft Teams.

Rather than a generic chatbot, the assistant learns the employee's role and adapts to their specific working style through ordinary conversation.

How does NanoCo prevent this highly capable assistant from going rogue? By moving security away from fragile prompt engineering and embedding it directly into the infrastructure.

Unlike its predecessor and inspiration, the even popular open source AI assistant OpenClaw — which grew to a massive 400,000 lines of code — NanoClaw’s core logic was intentionally minimized to roughly 500 lines of TypeScript. This minimalism ensures the entire system can be audited by a human security team in about eight minutes.

Furthermore, every NanoClaw agent operates within a strictly isolated environment. Leveraging a strategic partnership with Docker announced in March, NanoCo AI runs these agents inside MicroVM-based Docker Sandboxes.

“In NanoClaw, the 'blast radius' of a potential prompt injection is strictly confined to the container and its specific communication channel,” Cohen previously explained.

To prevent unauthorized actions, raw API credentials never reach the agent itself. Instead, outbound requests pass through a secure OneCLI Rust Gateway that enforces company-defined policies. If an agent attempts a sensitive "write" action—like modifying a cloud environment or deleting an email—the gateway intercepts the request and pings the human user via a rich interactive card on Slack, Teams, or WhatsApp.

Only when the user explicitly taps "Approve" does the system inject the credential. It is the architectural equivalent of a highly capable junior employee drafting an important corporate communication, but being physically unable to click "send" without the manager turning a literal launch key.

Continued commitment to open source, MIT License

Despite its new enterprise push, NanoCo AI is maintaining its commitment to its open-source foundation. The core NanoClaw framework remains available under the permissive MIT License, meaning independent developers and companies can continue to fork, modify, and run the system locally.

In plain terms, the MIT License allows anyone to use the software commercially without paying NanoCo AI, provided they include the original copyright notice.

NanoCo AI's monetization strategy instead focuses on the vast majority of enterprises that lack the specialized engineering resources to build, maintain, and scale internal agent platforms.

While highly technical teams can choose to build their own infrastructure on top of the open-source code, NanoCo will sell managed, organization-wide deployments, taking on the burden of health checks, integrations, and ongoing security maintenance.

Widespread global adoption

The open-source adoption of NanoClaw has been staggering, crossing 250,000 downloads and nearing 29,000 GitHub stars since its debut. This ground-up momentum is entirely responsible for the surging enterprise demand.

“Countless enterprise executives have told us the same thing,” Cohen stated in the press release. “They're running NanoClaw personally, getting two and three times more done, and asking how to roll it out to their teams.”.

Perhaps the most high-profile validation came during the founders' recent trip to Singapore. The country’s Foreign Minister, Dr. Vivian Balakrishnan, invited the NanoCo team to his office after publicly posting about his personal use of NanoClaw. Balakrishnan described the agent as “getting smarter over time," referred to it as his "second brain," and stated he wouldn't "dare switch it off".

Cohen put the platform's security claims to the ultimate test during a live conference demonstration in Singapore. He invited a crowd of 300 people to chat simultaneously with his personal agent, which was actively connected to his real email and calendar.

Thanks to NanoClaw's zero-trust gateway architecture, the agent safely rejected malicious attempts to access his inbox or delete existing events, while successfully allowing 12 attendees to book legitimate coffee chats.

As AI shifts from a novelty tool that answers questions into a digital workforce that autonomously executes tasks, NanoCo AI is betting that verifiable security will be the defining metric of success. By combining a transparent open-source core with strict, infrastructure-level sandboxing, they aren’t just selling an assistant; they are selling the peace of mind required for enterprises to actually use one.