AI: Weekly Summary (November 10-16, 2025)

The week in AI felt like a busy farmers’ market.

Lots of stalls, some shouting, some selling real produce, and a few that smelled a bit off. I would describe the chatter as equal parts excitement, fear, and plain old practicality. To me, it feels like people are trying to build new tools while also asking if they can still pay the rent. There’s a lot that agrees and a lot that argues. You can almost taste the tension — like the flat white at the cafe that’s either perfect or underheated. Read the posts if you want the receipts, but here’s my take on the main threads that kept popping up this week.

Agents, cybercrime, and the scary turn

If there was one story that made folks sit up, it was the reports about AI-orchestrated attacks. The Anthropic/Claude incident — and the follow-ups — got a lot of posts. Nate breaks it down in a few posts about the implications and the newly exposed attack surface. Ben Dickson and Peter Wildeford walked through how the attack moved from reconnaissance to exploit code with very little human push.

I’d say this feels like the week someone first left the keys in the spaceship. Suddenly, the risk moves from script kiddies to something that can plan and probe with tools chained together. The phrase “AI as autonomous operator” keeps turning up. Charlie Guo and Jamie Lord each circle the seriousness of the event. There’s also a lot of hand-wringing about attribution — who, exactly, was behind it? Jamie Lord notes ambiguities in the public signal. It’s like watching someone find a hole in the fence and wondering if it’s the neighbour’s dog or a raccoon who learned to use the gate.

Security folks write differently now. Schneier on Security and others point to prompt injection, CometJacking, clever social engineering of models, and the need to rethink basic threat models. The point keeps repeating: AI doesn't just change tools, it reshapes the rules of the game. And yes, that feels worrying in a way that an exciting research paper does not.

Work, jobs, and the thin soup of reality

There were two overlapping conversations about jobs. One is numbers and measurement. The Yale-sourced take and other posts from Dave Friedman and Michael Spencer argue that claims about jobs being untouched are dodgy — partly because the data categories are old and don’t show what tasks changed. The other is the more human, immediate story about layoffs and middle managers being let go. Gary Leff and Benjamin Y. Fong point to big cuts and a messy relationship with H‑1B hiring.

I’d describe the mood as: people feel the ground shifting, even if some statisticians say it’s fine. Fractal Market Cycles and Regimes and others argue that white‑collar work is not immune to churn. The recurring image I kept seeing is a conveyor belt in a factory. For years it was hidden, now the lights come on and everyone can see the mechanism. Some folks panic. Others try to retrain. The posts that matter here are the ones nudging managers: if you treat AI like a magic lever, you’ll break stuff.

Coding: agentic coding, junior vs senior, and tools

There’s a big pile of posts about how AI changes software work. A couple of themes: 1) agentic systems and planning modes (Copilot Planning mode, MCP, Chrome DevTools MCP), 2) tools and pricing, and 3) how developers actually use these tools.

On planning and agentic coding, Bart Wullems wrote about Visual Studio’s Planning mode. It’s quiet but important — breaking a big task into micro-steps for an assistant is a big practical shift. Trevor Lasn showed how the Chrome DevTools MCP lets agents see a running app to debug in a way that feels less guessy. It’s like giving a mechanic the engine running vs a photo of the car.

Senior devs seem to be better at running the show. Cursor’s study and Anup Jadhav show senior developers delegating tasks to agents and getting real gains. Atilla Bilgic and John Reilly remind us that AI speeds up some parts and does worse on complex architecture. The Apple study and posts about the “AI reasoning ceiling” are blunt: LLMs still drop off on tricky multi-step problems.

That means, roughly, juniors get autocomplete. Seniors get the agent orchestra. I’d say it’s like kitchen work: a sous-chef follows recipes and gains speed; the head chef knows when to add lemon or hold back salt. The conversation about “instant legacy code” from Henrik Jernevad is a warning: if you outsource thinking, you get brittle code later.

Tooling and pricing came up too. Cursor’s pricing dustups, Elena Verna’s critique of credit models, and a few guides on picking tools — like Nate and Tom Hastings — show vendors still getting this wrong. Pricing is sticky. Billing models feel like a dodgy takeaway menu where the portions change mid-order.

Models and reasoning: GPT‑5.1, Gemini, Kimi, and tweaks

New models are the other recurring beat. OpenAI’s GPT‑5.1 release and the associated system changes popped up in several writeups. Simon Willison and Nate discuss the new features: adaptive reasoning, parallel tool calling, and extended cache retention. Some authors frame GPT‑5.1 as quietly changing the rules on instruction following. Others worry about transparency — system cards and benchmarks were pored over.

Google’s Gemini moves loomed too. MBI Deep Dives and Simon Willison note the shadow releases and image model improvements (Nano Banana). Apple, per Greg Morris, might borrow Gemini for Siri, which is telling about both speed and privacy choices.

Open-source contenders also got air. Kimi K2 draws attention as an open agentic thinker in thezvi.wordpress.com, and people are testing self-hosted setups with Ollama and LiteLLM (Matthew Brunelle). There’s a small but noisy scene arguing you don’t always need the cloud. Hexmos Journal and others walk through running LLMs locally — for cost control and privacy.

If I had to summarize what readers kept saying: the model race is now about system features and orchestration as much as raw quality. People argue about whether the improved rule-following of models like GPT‑5.1 is the bigger deal than flashy new creativity tricks. It’s a bit like arguing whether a car with better brakes is more important than one with louder speakers.

Research and methods: papers that quietly push the envelope

A lot of heavy thinking landed in shorter posts about new papers. I won’t pretend I dig into every math proof, but some ideas matter for the long term.

• Grigory Sapunov had several deep pieces: Nested Learning, LeJEPA, and CodeAdapt. These try to push the idea that learning systems can be more adaptive and efficient. Nested Learning’s idea of nested optimization felt like a promising clarification of how models could continually learn. LeJEPA argues for provable, heuristic‑free self-supervised training. CodeAdapt shows that code-enabled LMs can sometimes out-reason larger RL-trained systems. That last one reads like saying a smart plumber can outfix a fancy robot if the plumber knows their pipes.

• Julian Schrittwieser wrote about AlphaProof, a system that surfaced formal proofs for IMO problems. That’s not flashy for consumer products, but it’s huge for verifiable outputs. It’s one thing to get a plausible answer from an LLM; it’s another to get a formally checkable proof.

• AlphaResearch and AlphaProof work show a fun trend. People want models that produce verifiable, executable artifacts. It’s less magic, more reproducible engineering. Think of it like swapping a fortune cookie for a recipe.

Ethics, law, and the culture wars

There was predictable blowback and a lot of opinion pieces. Lawyers and ethicists raised alarms; even the Pope got into the conversation. Thezvi covered the Pope’s remarks and the sharp replies from Silicon Valley. Shuji Sado dug into GEMA vs OpenAI — a Munich ruling that could change how training on copyrighted material is treated. That’s not small. Copyright suits are the stones thrown at the data lake.

Then there’s the constant chant about bubbles and money. Several posts — Phil Siarri, Alex Wilhelm, Dave Friedman — debate whether AI investment is a bubble or a weird long‑term capital mismatch. One useful framing: infrastructure is expensive and ages fast. Investing in long‑lived debt for short‑lived hardware is a funny financial alchemy. The metaphors there are dry but useful: don’t mortgage the farm for a tractor that’ll be obsolete in two years.

On the social side, posts about AI in schools and cheating — like Nick Heer on Chrome's visual search — hit home. Teachers are annoyed. Parents are worried. There’s a real tension between convenience and learning. Sauropod Vertebra Picture of the Week and others argue that leaning on LLMs for drafting robs early careers of hard-won skills. The gym/jack analogy keeps appearing — shortcuts can weaken muscle.

Creativity, art, and the music biz

AI in creative fields produced some of the week’s more tender or angry pieces. Jenneral HQ is fairly optimistic: AI opens access to filmmaking and music. The Trichordist is livid about artists losing streaming income and the risk of AI music replacing human musicians. There’s that ongoing split: tech folks say democratize; creatives fear commodification.

There’s also a riff about what counts as art. Justis Mills feels tired of AI’s predictable prose. lcamtuf lays out how LLM text has telltale signs. I’d say art debates are like arguing over what’s better: a hand‑stitched coat or one off the rack. Both get you warm. One costs different things.

Hardware, chips, and the power question

Nearly every industry piece circles back to compute. Data centers, bonds, debt, energy. Phil Siarri and Jamie Lord cover corporate borrowing for AI infrastructure. Google’s quiet removal of net-zero language and the surge in energy use gets a sharp takedown from some corners. This isn’t just an engineering problem. It’s politics and public goods. If your model needs a city block of servers, someone’s bill comes due.

Nvidia and hardware advances still turn up as hopeful notes. NVFP4 from Ben Dickson promises efficient 4‑bit training. That’s a technical trick with big cost consequences. If the math saves power, that matters to your electricity bill and the planet. Or at least it should.

Privacy, browsers, and personal AI

Browsers and privacy keep mixing. Mozilla's move to ship an opt‑in AI window in Firefox got both praise and pushback. John Lampard and Anil Dash argue the same point from different angles: users want privacy and helpful AI, but communities complain when products change. Google and Apple are doing a private‑AI dance, too: Jonny Evans wrote about Google’s Private AI Compute and the hint of partnership with Apple. The phrase “I’ll be your private answer” shows up; it’s tempting, but the delivery matters.

Small products also try to be useful. Abacus Noir built a kid‑safe chat. Doc Searls Weblog points to the rise of personal intent navigators. There’s an appetite for keeping personal data close. At the same time, big firms keep wanting central control. The tension is like preferring homemade jam over supermarket jars — both fill the shelf.

Education, apprenticeship, and learning to think again

Several posts worry about how AI changes learning. Christian Ekrem is taking an LLM fast. Sauropod Vertebra Picture of the Week warns that drafting by AI deprives PhD students of skill. Russ Miles frames AI as a helpful Djinn for apprentices. The consistent thread: tools help, but the hard, messy practice still matters.

There’s also a managerial angle. Scott Kosman and JP Posma advise leaders to be intentional. Give AI small jobs first. Teach people to evaluate AI output. The language here is practical: don’t treat AI as a new junior and don’t treat it like a new overlord. It’s more like a trainee you supervise — sometimes useful, often needing correction.

Weird, hopeful, and slightly nerdy corners

A few pieces are just plain fun if you like niche tinkering. The pelican‑on‑a‑bicycle SVG benchmarks and the agentic iterations by Simon Willison and Robert Glaser made me smile. They’re small experiments that say something about taste and the limits of current multimodal models.

Others look at training tricks and math. LeJEPA, NVFP4, Einsum tutorials from Tom Yeh, and the push toward provable self‑supervision are signs that the field isn’t all hype. Real engineering and math are happening. It’s easy to forget that while people meme about agents. Think of it like a stew: headlines are the spice, but the broth is research and engineering, quietly simmering.

Recurring tensions I kept seeing

There are a few repeat arguments that never quite resolve:

• Hype vs reality. Some argue AI is a bubble or at least overpromised. Others say infrastructure needs justify investment. The truth is somewhere in between. The language is less important than the facts: are there customers getting measurable value? Some posts say yes, many say not yet.

• Autonomy vs control. Agentic systems look powerful. But safety, hacking, and misaligned incentives make autonomy feel risky. Calls for better governance and more robust threat models keep popping up.

• Speed vs craft. AI makes some tasks fast. It makes others messy. There’s a tug-of-war between immediate productivity and long-term skill maintenance.

• Privacy vs convenience. Browsers, private compute, and self-hosted models show people want both — weirdly, sometimes at the same time.

If you’re reading this with a cup of tea

You might wonder what to actually do next. I won’t pretend to hand you a map. But I would say the week showed two useful instincts. First: be protective of the fundamentals — good prompts, clear metrics, human oversight. Second: experiment in small, safe ways. Try Planning mode, run a local model, test an AI agent on a tiny project, but don’t bet your payroll on it yet.

There’s no single take. But the posts together feel like a town meeting where one side keeps dragging out a blueprint and another side is rewiring the power grid. Read Nate for product-level moves and prompts. Read Grigory Sapunov if you like your ideas served with proofs. Read Simon Willison for pragmatic tooling and experiments. And read the security pieces — Schneier on Security, Ben Dickson, Charlie Guo — because if nothing else, they reminded everyone to lock the front door.

If you want the detailed receipts, hop into the posts themselves. They’re where the code snippets live, where the court rulings are quoted, and where the charts are thin but telling. Some pieces are cheerleading, some are deep math, some are angry op-eds, and a few are tiny, useful tutorials that you can copy and paste. I’d say skim the headlines, then pick one thread to follow for a few days. You’ll see how quickly the same few themes reappear, dressed differently.

Oh — and one last thing. The week felt oddly domestic in places. Between local LLM hosting guides and essays on training kids with safe AI companions, it’s not all rocket ships. It’s also about the small, ordinary changes — a teacher noticing copyable answers, a dev finding a planning mode, a life‑sized robot that’s mostly a remote control. Those small things add up. They’ll shape what we notice when the headlines change again.

If you want a pointer into the pile: start with the security breakdowns, the practical tool how‑tos, and one long think piece on work and policy. The rest you can nibble on like a plate of pastries — some sweet, some stale, but all telling about who’s cooking the breakfast.