Flux
Google I/O, Gemini Spark, Antigravity

Google I/O, Gemini Spark, Antigravity

It's hard to find much to write about Google I/O this year because I have a policy of not writing about anything that I can't try out myself, and a lot of the big announcements are "coming soon". I actually prefer to write about things that are in general availability, because I've had instances in the past where the previews didn't match what was released to the general public later on. Aside from Gemini 3.5 Flash the most interesting announcement looks to be Google's upcoming OpenClaw…

Simon Willison's Weblog
Socket raises $60M Series C at $1B valuation led by Thrive Capital to secure AI-driven software development

Socket raises $60M Series C at $1B valuation led by Thrive Capital to secure AI-driven software development

Today we're announcing Socket's $60 million Series C at a $1 billion valuation, led by Thrive Capital, with participation from Andreessen Horowitz, Abstract Ventures, and Capital One Ventures. The round brings our total funding to $125 million and sets up the next phase of what we're building to protect the software supply chain. This is the moment we've been working toward since we started Socket. AI has changed how every engineering team writes and ships code, increasing the volume of open…

Socket
datasette-agent-charts 0.1a1

datasette-agent-charts 0.1a1

Release: datasette-agent-charts 0.1a1 More color! Bar and waffle charts without a color column are shaded by magnitude with a sequential color scheme; color columns holding text values use the observable10 categorical scheme. #2 Now checks execute-sql permission before running the query to find the column names. Charts now display interactive tooltips. Fixed a bug where waffleY charts were not described to the agent. Tags: datasette, datasette-agent

Simon Willison's Weblog
Socket Raises $60M Series C at a $1B Valuation to Help Enterprises Build Securely With AI

Socket Raises $60M Series C at a $1B Valuation to Help Enterprises Build Securely With AI

Led by Thrive Capital, the round brings Socket to unicorn status as enterprises race to adopt AI coding tools and look for ways to secure the third-party dependencies entering production without slowing down SAN FRANCISCO, May 20, 2026 – Socket today announced it has raised $60 million in Series C funding at a $1 billion valuation. Led by Thrive CapitaI, with participation from a16z, Abstract Ventures, and Capital One Ventures, the round will support Socket’s next phase of growth as more…

Socket
The Agent Stack Bet

The Agent Stack Bet

The following article originally appeared on the Elevate newsletter and is being reposted here with the author’s permission. Peek under the hood of most “production agents” shipping today and you won’t find intelligence. You’ll find custom plumbing, fragile session logic, shared service accounts, and a security model held together by hope. This can be so […]

O'Reilly Radar — AI/ML
CVE-2026-45755: Mailtrap Mailer Webhook Parser Never Verifies the X-Mt-Signature HMAC: Unauthenticated Webhook Event Injection

CVE-2026-45755: Mailtrap Mailer Webhook Parser Never Verifies the X-Mt-Signature HMAC: Unauthenticated Webhook Event Injection

Affected versions Symfony versions >=7.2, =8.0, <8.0.12 of the Symfony Mailtrap Mailer component are affected by this security issue. The issue has been fixed in Symfony 7.4.12, 8.0.12. Description The Mailtrap mailer bridge ships…

Symfony Blog
CVE-2026-45756: JsonPath Evaluates Attacker-Controlled Regular Expressions in match()/search() Without Limits: ReDoS

CVE-2026-45756: JsonPath Evaluates Attacker-Controlled Regular Expressions in match()/search() Without Limits: ReDoS

Affected versions Symfony versions >=7.3, =8.0, <8.0.12 of the Symfony JSON Path component are affected by this security issue. The issue has been fixed in Symfony 7.4.12, 8.0.12. Description The JsonPath component's match() and search()…

Symfony Blog
CVE-2026-47212: Twilio Notifier Webhook Parser Never Verifies the X-Twilio-Signature HMAC: Unauthenticated Webhook Event Injection

CVE-2026-47212: Twilio Notifier Webhook Parser Never Verifies the X-Twilio-Signature HMAC: Unauthenticated Webhook Event Injection

Affected versions Symfony versions >=6.4, =7.0, =8.0, <8.0.12 of the Symfony Twilio Notifier component are affected by this security issue. The issue has been fixed in Symfony 6.4.40, 7.4.12, 8.0.12. Description The…

Symfony Blog