Tech Digest — May 25, 2026

Top story

A poisoned VS Code extension harvested AI credentials from thousands of developers

Why it matters for entrepreneurs: A trojanized version of a popular developer extension — Nx Console, with 2.2 million installs and verified-publisher status — sat on the official Visual Studio marketplace for 18 minutes on May 18 and quietly stole credentials from every machine that updated during that window. It grabbed GitHub tokens, AWS keys, npm tokens, 1Password vaults, and Claude Code configuration files. Attackers then used those credentials to clone roughly 3,800 internal GitHub repositories. If you or your team run AI coding tools, the tools themselves are now part of your attack surface.

The campaign — tracked as TeamPCP — never breached a firewall. It rode in through software developers install and trust by default: extensions and packages. The same worm hit OpenAI and Mistral. The lesson for a small firm is uncomfortable but simple. An agency that holds client credentials is a high-value target, and the gap between a malicious package going live and credentials being stolen was 18 minutes. Endpoint antivirus does not watch plain-text extensions on that timeline. Anyone who installed or updated the Nx Console extension in the past week should rotate every token now — GitHub, npm, AWS, and anything stored in a password manager.

Quick hits

Cheap, near-frontier models keep eroding the price of "good enough" AI

Source CNBC

Running a standard test workload costs about $4,800 on Claude versus $544 on a Chinese model with similar benchmark scores, and Chinese models now drive more than 60% of usage on the developer routing platform OpenRouter, up from roughly 1% in 2024. The pattern enterprises are adopting: use a cheap model as the default and call a frontier model only for the hard tasks. For an agency, that "advisor model" approach is a model-routing policy worth writing down.

Intuit cut 3,000 jobs — about 17% of staff — to reallocate spend toward AI

Source TechCrunch

The maker of TurboTax and QuickBooks is cutting roughly 17% of its workforce and redirecting the savings into AI partnerships with Anthropic and OpenAI. Whatever you think of the move, it is a demand signal: large software firms are paying real money to automate routine work, which is exactly the service an automation consultancy sells.

Anthropic projects its first quarterly operating profit

Source The Wall Street Journal

Anthropic told investors it expects $10.9 billion in revenue for the quarter ending in June, up 130% from Q1, with roughly $559 million in operating income — its first profitable quarter. The number that matters for buyers: compute cost is projected to fall from 71 cents per revenue dollar to 56 cents. The frontier AI business is starting to show real unit economics, which makes the tools you build on less likely to vanish on you.

Tool / launch watch

Google made Gemini 3.5 Flash generally available at $1.50 / $9 per million tokens — a frontier-class model priced below Claude Sonnet and well under the per-query cost of the larger models. For an SMB or agency, it is a credible default for high-volume, cost-sensitive work like summarization, drafting, and classification. Google also began wiring Adobe, Canva, and CapCut directly into the Gemini app, so a marketing team can generate an asset and hand it straight to a real editing tool without leaving the conversation. Both are usable now or within weeks. (CNBC)

Funding / M&A pulse

OpenAI is preparing a confidential IPO filing targeting a September listing, with Anthropic eyeing October. The race signals that public-market money now treats frontier AI as an investable category — and sets the valuation baselines competitors will be measured against. (CNBC)
Anthropic acquired Stainless, the firm behind the SDKs for OpenAI, Cloudflare, and others. Translation: the developer tooling around Claude should get noticeably smoother over the next year. (Anthropic)
Parallel raised $230 million to build web-search infrastructure for AI agents, reaching a $2 billion valuation — a sign that the plumbing layer for agents, not just the agents themselves, is now a fundable category.

Angle for the blog

Headline: "Your AI Stack Is Infrastructure Now. Treat It Like It." This week handed service-business owners two lessons that have nothing to do with smarter models. A poisoned developer extension stole AI credentials in 18 minutes — proof that the AI tools wired into your delivery are part of your attack surface, and an agency holding client logins is a target. And the price gap between "good enough" and "frontier" AI is now roughly nine-to-one, which makes model choice a margin decision rather than a default. The takeable 600-word post: a plain checklist for treating your AI stack like infrastructure — scoped, short-lived API keys issued per client; no secrets stored in agent config files; every extension, MCP server, and package vetted before it touches a client environment; and a written model-routing policy that defaults to a cheap model and escalates to a frontier model only when the task demands it. The contrarian thread is the hook: the firms that win the next year are not the ones with the flashiest agents — they are the ones whose AI plumbing does not leak credentials or quietly burn cash. That is "Simplify It" applied to risk. Close with a one-page audit a reader can run on their own setup this week.

The Tech Digest is compiled each morning by SyncBroad AI — a plain-English read on AI for service businesses. Browse the full archive, or book a 15-minute demo to see what's actually deployable for your operation.