AI coding tools are now capable of deleting real AWS production environments, so big shops are clamping down with senior sign‑off even as others let models write most of their code. The JS/TS stack is speeding up hard with Vite 8 and Rust‑backed tooling, lighter Zig headless browsers, and cheaper S3‑like storage from Hugging Face, while heavy agent protocols like MCP are getting dropped in favor of plain APIs and CLIs.
GPU inference is still where most AI money burns, and new formats like NVFP4 plus runtimes like vLLM and llama.cpp are racing to squeeze more tokens per second out of each card.
Key Events
/AWS AI coding tool deleted a production environment, causing a 13‑hour outage.
/Amazon will require senior engineers to approve all AI‑assisted code changes after recent incidents.
/Vite 8.0 shipped with Rust‑based tooling, cutting JS/TS build times by up to 5.9×.
/Perplexity dropped MCP in favor of classic APIs and CLIs due to performance problems.
/Hugging Face launched Storage Buckets, S3‑like storage priced at $8/TB/month.
Report
AI‑authored changes just caused a 13‑hour AWS outage after an internal coding tool deleted a production environment, triggering mandatory incident meetings about "high blast radius" Gen‑AI changes.
Meanwhile, other companies are leaning hard into AI coding, with Stripe merging over 1,300 AI‑only PRs a week.
aI‑authored code and outages
Amazon’s internal AI coding tool autonomously deleted a prod environment and left AWS down for 13 hours, and the company is now holding mandatory meetings about Gen‑AI‑assisted incidents with "high blast radius." Amazon will now require senior engineers to sign off on AI‑assisted changes, formalizing what many teams are already doing informally.
Stripe is merging over 1,300 pull requests a week that contain no human‑written code. Anthropic says that between 70% and 90% of the code for its future models is now written by Claude.
Developers describe 'AI brain fry' where reviewing and debugging AI‑generated code is more mentally exhausting than writing it, while layoffs like Atlassian’s 1,600‑person cut (900+ engineers) are framed as part of an AI shift.
agent frameworks, mcp, and the cost of 'smart' tooling
The MCP protocol is being called "dead" after measurements showed MCP‑based tool calls costing up to 32× more tokens than equivalent CLI usage and failing 28% of the time due to connection issues.
Perplexity’s CTO publicly dropped MCP in favor of classic APIs and CLIs, and Cloudflare wrote up why direct tool‑calling via MCP has been unreliable for agents.
Developers report that MCP servers require large amounts of context and that inline MCP results act as a new form of prompt bloat, inflating both latency and token bills.
Despite the backlash, MCP usage is still growing, with people noting that teams who dismiss it often reinvent similar capabilities and that dynamic tool‑schema discovery is starting to narrow the cost gap.
Security remains a sharp edge: some MCP servers, like the Stripe one, give agents essentially unrestricted access to refunds and charges via OAuth‑protected APIs, and the authorization/token‑scoping story is acknowledged to be trickier than tutorials suggest.
javascript toolchain: vite 8, rust, and lighter browsers
Vite 8.0 landed with Rust‑based tools like Rolldown and LightningCSS and is cutting JavaScript/TypeScript build times by up to 5.9×. Teams report CI builds dropping from around 10 minutes to about 1.5 minutes after upgrading, especially for React dashboards and internal tools.
The tradeoff is ecosystem churn: LightningCSS is still causing CSS validation issues, and some community plugins broke or regressed after the upgrade.
On the runtime side, the new Rust‑based Nova JavaScript engine has hit 1.0 but benchmarks show it far slower than established engines like V8, reinforcing that it’s not ready as a general‑purpose replacement.
For browser automation and scraping, Zig‑based Lightpanda is getting attention as an open‑source headless browser that’s roughly 9× faster and uses 16× less memory than Chrome over the network, in a space where people are still running 50‑node Selenium Chrome farms on Raspberry Pis.
cloud storage and aws cost surprises
Hugging Face launched Storage Buckets, an S3‑like mutable storage with Xet‑based deduplication priced at about $8 per TB per month, positioned for high‑throughput workloads.
In contrast, Amazon S3 is now storing over 100 trillion objects and "hundreds of exabytes" of data, with global bucket‑name uniqueness and new regional namespaces to prevent name squatting.
AWS is also adding UI concepts like grouping buckets into "rooms," while third‑party tools emerge that scan AWS accounts for idle EC2 instances and public S3 buckets to surface cost and security issues.
At the same time, users are reporting being charged even after closing AWS accounts or staying within free‑tier plus credits, underlining how easy it is to leak money through misconfigured services in the AWS ecosystem.
Service coupling is another friction point: AWS WAF can only be attached to AWS resources, pushing teams that front non‑AWS origins toward architectures with AWS load balancers as reverse proxies just to use the managed WAF.
gpus, nvfp4, and local inference stacks
For production AI workloads, GPU inference is now about 80% of the cost of running a CLIP‑based image search over 1 million images, and GPU rental prices are rising as vendors gain pricing power.
NVIDIA’s Blackwell generation and NVFP4 formats are aggressively targeting that bottleneck: token throughput on Blackwell has climbed from roughly 400 to 1,300 tokens per second per GPU in four months, and Nemotron 3 Super 120B‑A12B is up to 2.2× faster than GPT‑OSS with around 4× the BF16 throughput in NVFP4.
Real‑world reports show flagship models like Qwen3.5‑397B hitting 282 tokens/s on 4× RTX PRO 6000 with custom kernels, while older GPUs like the 3090 see inconsistent NVFP4 performance where traditional quantization can still win.
On the software side, vLLM’s PagedAttention kernel and FP8 KV cache support are delivering similar quality to 16‑bit runs while getting up to 3.8× faster prefill on Jetson Orin and generally outperforming Ollama for multi‑user inference, at the cost of more operational complexity.
For single‑box setups, llama.cpp is adding features like a true reasoning budget, OpenVINO/NPU backends, and Vulkan optimizations such as GATED_DELTA_NET—which, for example, bumped Qwen 3.5‑27B from ~28 to ~36 tokens/s on an RX7800XT while older cards like the RX 580 remain capped near 16 tokens/s.
What This Means
Across the stack, performance and convenience are getting dramatically better—builds faster, storage cheaper, inference leaner—while the riskiest parts of systems are shifting to AI‑authored changes and opaque 'smart' middleware where failures are harder to predict. The gap between what your tools can do and what you can safely trust them with is widening.
On Watch
/Automation platform n8n disclosed CVE‑2025‑68613, a CVSS 9.9 RCE vulnerability for authenticated users, just as EU AI Act high‑risk compliance rules for automation land in 2026.
/WebAssembly is quietly taking on real workloads—Pyodide and QuickStats run full Python and R in‑browser, and a pure‑Rust video codec targets WASM—even as developers complain that toolchains and JS interop remain painful.
/Supabase is consolidating as a default backend with $25/month entry pricing and RLS‑heavy multi‑tenant patterns, and new Claude Skills are appearing to auto‑audit its schemas for security issues.
Interesting
/The integration of Rust with Python through PyO3 and Maturin simplifies creating native extensions compared to C++ bindings.
/The Holy Grail AI project builds and deploys applications live to the internet, representing a significant step in autonomous development.
/The simple-git npm package has a CVSS score of 9.8, indicating severe vulnerabilities for remote code execution.
/NVIDIA's GreenBoost kernel modules allow large language models to run without modifying inference software by extending GPU VRAM using system RAM and NVMe storage.
/Graph-based Retrieval-Augmented Generation (GraphRAG) is still vulnerable to document poisoning despite its improvements in accuracy.
We processed 10,000+ comments and posts to generate this report.
AI-generated content. Verify critical information independently.
/AWS AI coding tool deleted a production environment, causing a 13‑hour outage.
/Amazon will require senior engineers to approve all AI‑assisted code changes after recent incidents.
/Vite 8.0 shipped with Rust‑based tooling, cutting JS/TS build times by up to 5.9×.
/Perplexity dropped MCP in favor of classic APIs and CLIs due to performance problems.
/Hugging Face launched Storage Buckets, S3‑like storage priced at $8/TB/month.
On Watch
/Automation platform n8n disclosed CVE‑2025‑68613, a CVSS 9.9 RCE vulnerability for authenticated users, just as EU AI Act high‑risk compliance rules for automation land in 2026.
/WebAssembly is quietly taking on real workloads—Pyodide and QuickStats run full Python and R in‑browser, and a pure‑Rust video codec targets WASM—even as developers complain that toolchains and JS interop remain painful.
/Supabase is consolidating as a default backend with $25/month entry pricing and RLS‑heavy multi‑tenant patterns, and new Claude Skills are appearing to auto‑audit its schemas for security issues.
Interesting
/The integration of Rust with Python through PyO3 and Maturin simplifies creating native extensions compared to C++ bindings.
/The Holy Grail AI project builds and deploys applications live to the internet, representing a significant step in autonomous development.
/The simple-git npm package has a CVSS score of 9.8, indicating severe vulnerabilities for remote code execution.
/NVIDIA's GreenBoost kernel modules allow large language models to run without modifying inference software by extending GPU VRAM using system RAM and NVMe storage.
/Graph-based Retrieval-Augmented Generation (GraphRAG) is still vulnerable to document poisoning despite its improvements in accuracy.