Today on The Anvil: the US-Iran ceasefire goes from strained to 'life support,' agentic coding tools learn to validate against live infrastructure, and Google catches the first AI-generated zero-day exploit in the wild. Plus a Southeast Idaho data-center campus securing its own gas supply, and Hezbollah's $400 fiber-optic drones rewriting deterrence math.
Google Threat Intelligence Group disclosed the first documented case of attackers using AI to generate a zero-day exploit against a widely deployed sysadmin tool β caught before deployment. The companion GTIG report frames a broader shift: PRC and DPRK actors are using LLMs for vulnerability discovery, polymorphic malware obfuscation, autonomous operations (PROMPTSPY), and supply-chain attacks targeting AI environments themselves. Google's defensive response: Big Sleep and CodeMender for automated detection and remediation.
Why it matters
This moves AI-enabled offense from RAND-paper hypothetical to operational reality, validating the worry track that the White House and AI safety researchers have been on for two years. Pair it with this week's TrustFall (MCP supply-chain RCE) and Dragos's Mexican water-utility OT case from last week, and the picture is clear: the attack surface is expanding faster than the defensive tooling, and the defenders' best bet is symmetric β AI on AI. Expect insurance underwriting and SBOM-style 'AI bill of materials' requirements to follow.
Dessn (founders Gabriella Hachem, Nim Cheema) closed $6M led by Connect Ventures for a design tool that runs the actual production codebase in the cloud and lets designers work directly against it. Early customers: Color, Wispr, Mercury. Positioning is explicitly anti-Figma-integration β the bet is that 'design β export β handoff' is the wrong unit of work entirely. $39/seat/month with free codebase compilation and 5 weekly prompts.
Why it matters
This is a structural bet against the Figma model: if AI agents can already mutate production code, the handoff artifact (a Figma file) is overhead. Dessn pairs neatly with this week's shadcn-as-default-design-system analysis β both point to the same conclusion that code-first foundations are eating designer-led governance. For anyone running a design system, the question isn't 'Figma vs. Dessn' but whether your tokens, components, and approval contracts can survive in either tool without re-authoring.
Trimble's SketchUp shipped a Claude connector via Model Context Protocol β users generate 3D models from text, reference images, sketches, or floor plans, with Claude iteratively building geometry in cloud SketchUp sessions and tracking version history in chat. 30 free model saves, then paid tiers. The connector is live now.
Why it matters
MCP keeps quietly winning. After GitHub's Spec-Kit (29 agent integrations), Cursor/Claude Code/Copilot, and now a production CAD tool, MCP is the de facto standard for plugging agents into professional tools. For a design engineer working across physical and digital substrates, this is the first time a serious 3D modeler accepts a brief and produces geometry β not a marketing demo, an actual file in SketchUp's format ecosystem. The interesting follow-on is whether Fusion 360, OnShape, or Rhino ship MCP connectors next quarter.
GitLab CEO Bill Staples announced a flatter management structure, ~30% reduction in country presence, and reorganization of R&D into roughly 60 autonomous teams β framed as investment in the 'agentic era,' with internal AI agents handling code reviews, approvals, and handoffs. Pricing is shifting from per-seat to credit-based, mirroring GitHub Copilot's June 1 AI-credits transition (the third pricing recalibration for Copilot in under a year). Layoff scope discloses on June 2 earnings.
Why it matters
Two signals worth separating: (1) the genuine claim that agentic workflows let smaller teams ship more, and (2) the cost-cutting wrapped in agentic-era language. The credit-based pricing move is the more durable structural change β fixed-price seat SaaS doesn't work when each user can spawn hundreds of agent runs, the same logic GitHub already acted on June 1. With GitLab following, this pricing model is becoming a platform-layer standard, not a GitHub-specific experiment. For builders, the question is whether your tooling vendors' new credit pricing is predictable enough to budget against.
Project44 launched Autopilot, a no-code agentic platform that automates exception management and operational decisions for shippers, brokers, and 3PLs. Documented results from 18 months of deployment: 4% freight spend reduction, 70% drop in manual coordination, 75% faster sourcing cycles, 40% reduction in disruption costs. Currently free, with outcome-based pricing. Project44 explicitly positions standalone agentic startups as 'blank canvas tools' without data context β bundling AI inside the existing visibility platform.
Why it matters
This is the playbook variant of the GEP/Darden finding from earlier this week (90% of supply-chain AI pilots fail to scale). The verticalized incumbent with 1.5B tracked shipments per year argues that agents without data substrate are toys. Pair it with FedEx/ServiceNow embedding Dataworks into Source-to-Pay and Net Zero Logistics cutting daily routes in half with Finmile β execution-layer supply-chain AI is shipping faster than the pilot-failure stats suggest, but the winners are the platforms that already had the data.
SAP and Cyberwave put fully autonomous Vision-Language-Action + RL-trained robots into production at SAP's live St. Leon-Rot warehouse handling box folding, packaging, and shipping. The model generalizes across task variations, cutting training time from weeks to hours. Same day: Nomagic expanded its Brack.Alltron partnership to run VLA-driven picking on Sunday and overnight shifts in Switzerland, with continuous learning from live ops across millions of SKU variations.
Why it matters
Vision-Language-Action models β the same class of architecture powering general-purpose robotics research β are now running production picking lines for a major Swiss e-commerce retailer and inside SAP's own logistics ops. The story isn't 'robots in warehouses' (old news); it's that training-time has dropped from weeks to hours, and the same model class generalizes across product types without per-SKU programming. This is where Physical AI starts looking less like a forecast and more like an installed base.
An essay this week argues shadcn/ui β 114K+ GitHub stars, created by a developer in 2023, absent from Figma's ecosystem β has become the canonical design system for AI-generated UIs through path dependence: v0, Claude, Cursor, and MCP all standardized on it. The lock-in isn't designer-led governance; it's code-first defaults shipping faster than designer tools could specify them. Companion data point: a separate dev.to piece codifies physics-aware, token-driven React architectures (Atomix) along the same lines.
Why it matters
This is a structural shift in who governs the default design language across the web. Designer-led design systems (Figma libraries, Storybook docs, token specs) are increasingly downstream of code-level defaults that AI tools have already memorized. For a design engineer, the implication is concrete: investing in design-tool governance without a code-level foundation means losing the agent layer entirely. Pair it with Dessn (story #6) and the picture is consistent β the design/code seam is moving toward code.
CalEthos and subsidiary TerraVolt signed a firm 55,000 MMBTU/day natural gas supply agreement on the Northwest Natural Gas Pipeline for a planned behind-the-meter AI data-center campus in Southeast Idaho. Initial capacity 200β240 MW with expansion plans to several hundred MW. Structured as 'physical-infrastructure-as-a-service' to comply with the federal Ratepayer Protection Pledge β tech tenants pay for their own power rather than socializing costs onto utility ratepayers.
Why it matters
This is the second major Inland Northwest data-center power story in a week, following Avista's Novara Energy Alliance and Idaho HB 895's closed-loop cooling mandate. The pattern: hyperscale AI compute is moving toward behind-the-meter generation to bypass slow grid interconnection queues and avoid ratepayer-protection politics. For the region, it means hydrocarbon-backed compute capacity is showing up faster than utility-scale renewables can be built β and Idaho's regulatory environment is shaping up as more permissive than Washington's.
Four threads this week: (1) Public defenders Colin Charbonneau and Victoria Blumhorst sued Spokane County over December caseload ordinance that runs 36% above WSBA's felony recommendation and 7% over for misdemeanors. (2) Spokane Valley Council unanimously banned virtual-currency kiosks after a scam-driven suicide; FBI logged $5.6B in kiosk-aided scams nationally in 2023, $141.7M in Washington alone. (3) Councilmember Cathcart proposed scope-change oversight after Spokane Falls Boulevard rebuild estimates jumped from $7.8M (2023) to $14.15M β a 79.56% increase. (4) Spokane removed all 45 parking spaces under the downtown viaduct between Division and Cedar, blindsiding the Downtown Spokane Partnership.
Why it matters
Three of these four are governance-accountability stories β caseload ordinance vs. constitutional duty, infrastructure cost discipline, and the gap between police operational decisions and business-stakeholder communication. The crypto-kiosk ban joins Spokane City's 2025 ordinance and is a clear public-safety win. The public-defender suit is the one to watch: if WSBA's standards are deemed enforceable against county budgets, every county in the state has a fiscal exposure to recalibrate.
Three connected OC stories this week. (1) Federal H.R. 1 CalFresh cuts hit June 1 β ~300,000 OC residents lose ~$135M in annual benefits, removing an estimated $744M in local economic activity (every $1 of CalFresh generates $1.79 in local spend). (2) Orange County landfill tipping fees jump 53% July 1 ($43.89 β $67/ton, rising to $81 by year three) under new 10-year WISE Agreements ahead of Olinda Alpha's 2036 closure β expect 20β30% increases in commercial waste costs. (3) OC Supervisors voted 4-0 to deny appeal against the 181-unit Saddleback Meadows project in Trabuco Canyon despite wildfire evacuation concerns and a 24-year-old EIR.
Why it matters
These three threads share a root cause: state and federal policy choices landing on local budgets and local infrastructure simultaneously. CalFresh creates demand-side strain on food banks, employers, and corporate giving. Tipping fees translate directly into operating cost increases for every facility manager in the county. The Trabuco Canyon vote shows California's housing mandate overriding local fire-risk objections β a precedent that will be tested again across South OC's wildland-urban interface.
Day 74. Trump rejected Iran's 14-point counterproposal β submitted May 10 via Pakistani mediators, it included gradual Hormuz reopening, uranium dilution via third-party transfer, and a 30-day negotiation window β calling the ceasefire on 'massive life support.' New today: Iran's parliamentary speaker warned the US would be 'surprised' by Iran's response; Netanyahu publicly demanded uranium removal and facility dismantlement as preconditions; UK and France are convening 40 defense ministers on Hormuz trade restoration; fresh US/UK sanctions hit Iranian oil sales to China. Brent rose ~5% to $105.76; OPEC output at a 20-year low.
Why it matters
The deadlock is now specific and public: the US wants nuclear concessions before lifting the blockade; Iran wants the blockade lifted first; Netanyahu has added facility dismantlement as a public precondition, further narrowing any middle ground. Trump's quoted consideration of 'renewing combat operations more seriously' is the new signal β combined with the Lebanon fiber-optic drone campaign (story #5) and continued tanker strikes, the off-ramp is functionally closed. The ceasefire extended in April at Pakistan's request; Pakistan is now the failed mediator rather than the solution. For physical-goods supply chains, plan on sustained $100+ Brent and degraded AIS reliability through Q3.
Hezbollah has logged 45+ FPV drone attacks since the April 16 truce β 28 of them post-ceasefire β using $300β$400 fiber-optic-guided units with Chinese commercial components and Russian anti-tank warheads. Four IDF soldiers and one contractor killed; the Alma Center catalogues 80+ attacks since March. The fiber-optic guidance defeats Israeli EW. Israel is rushing radar enhancements and a new interception system but has no complete answer. IDF responded with a weeklong Golani Brigade raid across the Litani β 100+ targets, dozens of operatives killed. Iran has tied any peace agreement to halting Israeli operations in Lebanon.
Why it matters
Ukraine's fiber-optic FPV playbook has officially propagated to the Middle East, and Iran is reportedly seeding the same kits to Iraqi militias and Houthis. The cost asymmetry β $400 weapons defeating multi-million-dollar defense systems β is a permanent shift in deterrence economics, not a tactical blip. For product builders who pay attention to physical-systems supply chains: the components are off-the-shelf Chinese commercial drones plus a spool of fiber. Counter-drone, not strike capability, is now the scarce resource.
Graylark Technologies (the GeoSpy team) released Raven, an AI visual-intelligence platform that geolocates, identifies vehicles, targets streets, and analyzes scenes from low-quality imagery β CCTV stills, social-media uploads, screenshots, nighttime video β without relying on EXIF or other metadata. Already deployed by major city police departments, federal agencies, and international security organizations. Companion story: SOCOM is field-testing SkyFi's direct-to-ATAK satellite imagery platform.
Why it matters
Pixel-level geolocation at scale is the OSINT capability Bellingcat-style investigators have been building manually for a decade β now automated and licensed. Two implications: (1) democratization for legitimate investigators and journalists, (2) commodification for state surveillance. The companion sanctions against three Chinese geospatial firms feeding imagery to Iran show the dual-use problem in real time. Watch how the EU's AI Act applies to commercial geolocation tools β that's the regulatory pinch point.
Signadot shipped /signadot-validate, a skill that lets Claude Code, Codex, and Cursor agents run modified services against real production-like dependencies in Kubernetes, read back results, and iterate until tests pass β closing the autonomous loop between generation and verification without dropping the developer back into manual integration testing.
Why it matters
This is the missing rung in agentic coding: generation has been solved, but agents have been blind to distributed-system failure modes that only surface against real dependencies. For anyone shipping cloud-native systems, a validate-step that runs inside the agent's own loop changes the human's role from 'catch integration bugs' to 'review intent and outcomes.' Watch for similar skills attaching to Temporal, database migrations, and feature-flag systems β same pattern, different substrate.
Geospatial intelligence researcher Y Nithiyanandam, in a Diplomat interview, argues the strategic question has shifted from 'can Iran close Hormuz?' to 'who controls the terms of passage?' Iran achieved ~95% traffic collapse without conventional blockade using selective routing corridors, GNSS spoofing, AIS suppression, and toll systems. Satellite/AIS forensics show Asian responses diverged sharply: India deployed naval escorts, China used opaque ownership, Japan normalized 'negotiated navigation,' South Korea got hit outside managed zones. Companion ISW report flags 10,000 FPV drones distributed to ground units since June 2025.
Why it matters
This is the conceptual frame the rest of the Iran coverage is missing. Modern chokepoint control combines geography, electronic warfare, and uncertainty management β a template directly portable to the Bab-el-Mandeb (Houthis), Taiwan Strait, or the Black Sea. For OSINT practitioners, it surfaces a specific verification problem: when AIS is unreliable and GNSS is spoofed, what's the new ground truth? Bellingcat-style SAR damage mapping and commercial EO are the obvious replacements, but at higher cost and latency.
Agent loops close around real infrastructure Signadot validates against live Kubernetes, SAP Joule Studio adds Cursor/Claude Code as managed runtimes, JetBrains opens an ACP registry for vendor-agnostic agents. The agentic stack is moving past code generation into running, testable systems.
AI weaponization crosses a threshold Google's GTIG documented the first AI-generated zero-day exploit caught in the wild, while sanctioned Chinese geospatial firms reportedly fed targeting imagery to Iran. Both stories move 'AI-enabled threat' from hypothetical to operational.
Hormuz reframed: managed access, not blockade ISW analysis and a geospatial-intel interview both converge on the same point β Iran isn't closing Hormuz, it's metering it through toll systems, GNSS spoofing, and AIS suppression. The conceptual shift matters more than any single ship seizure.
Cheap fiber-optic drones erode expensive deterrence Hezbollah's $300β$400 FPV drones with fiber-optic guidance bypass Israeli EW; the Alma Center and Straits Times both document the cost asymmetry. Same template Iran is sending to Iraqi militias and Houthis.
Behind-the-meter power locks in for AI buildouts CalEthos/TerraVolt's Southeast Idaho campus signs a 55,000 MMBTU/day gas deal for on-site generation; NY Fed flags ASEAN supply-chain strains threatening the trillion-dollar AI capex map. The bottleneck isn't chips β it's molecules and megawatts.
What to Expect
2026-05-19—Kootenai County GOP precinct election β 141 candidates, three factions, 74 committeeman seats
2026-06-01—CalFresh benefit cuts hit Orange County β ~$135M annual benefits removed, ~$744M in local economic activity at risk
2026-06-02—GitLab earnings β scope of agentic-era layoffs to be disclosed
2026-06-04—Kootenai Sheriff / CdA Tribal Police joint town hall in Worley
2026-07-01—Orange County landfill tipping fees jump 53% under new 10-year WISE Agreements
How We Built This Briefing
Every story, researched.
Every story verified across multiple sources before publication.
🔍
Scanned
Across multiple search engines and news databases
894
📖
Read in full
Every article opened, read, and evaluated
169
⭐
Published today
Ranked by importance and verified across sources
15
β The Anvil
π Listen as a podcast
Subscribe in your favorite podcast app to get each new briefing delivered automatically as audio.
Apple Podcasts
Library tab β β’β’β’ menu β Follow a Show by URL β paste