Weekly AI News Roundup - 10 April 2026

Introduction

This week has been a rollercoaster for AI in business. We’ve got a significant price hike that could catch some business owners off guard, a major security wake-up call, and actually something genuinely useful from Google for a change.

Let me break down what happened and what it means for your business.

Google’s New Offline Dictation App

Google quietly released a new AI dictation app called Google AI Edge Elequant. And before you scroll past, this one is actually worth your attention.

It launched on iOS last week, completely free, and here is the key part. It works completely offline. Once you download the speech recognition models on your phone, you can dictate text without an internet connection. That matters if you are travelling, on site, or working somewhere with rubbish signal, which is a lot of the UK.

The clever bit is what happens after you have finished speaking. It automatically filters out all your ums, your ers, and mid-sentence corrections. It polishes your ramble into clean, professional text. Then you can transform it into different formats. So key points for a quick summary, emails for client communications, short forms depending on what you need. It can even pull keywords and jargon from your Gmail so it recognises your business-specific terms.

If you spend a lot of time typing emails, notes, or reports, this could save you hours each week. It is free, it works offline, and nothing leaves your device, so it is nice, safe, and secure. The app is iOS only for now, but if you have got an iPhone, download it and give it a test on things like sales notes, customer follow-ups, or meeting summaries. On-device AI that does not send your data to the cloud is exactly what a lot of businesses need.

Meta’s New Model Enters the Race

Meta announced Mews Spock, the first major AI model since the Llama disappointment last year, and the benchmarks suggest it actually compares with the leading models from OpenAI, Anthropic, and Google.

Mews Spock is Meta’s first reasoning model, meaning it works through problems step-by-step and adjusts its strategy if the initial approach fails. It handles text and images, and it can orchestrate multiple tools. Meta says it is particularly good at medical advice, having trained on data curated by over a thousand physicians. The company scored 52 on the Artificial Analysis Intelligent Index, placing it in the top five models benchmarked. That is a significant jump from Llama, which was widely considered a failure.

If you use Meta platforms for marketing or customer engagement, AI features are coming to those tools automatically. Meta is integrating this directly into WhatsApp, Instagram, Facebook, and Messenger. More competition in the AI space generally means better options and potentially lower costs for business.

Meta rebuilt their entire AI stack in nine months, achieving the same capabilities with significantly less compute. That means cheaper, faster AI development going forwards.

North Korean Hackers Hijack Axios

The next story is a bit of a wake-up call for any business that uses web-based software, and that is probably most of you.

North Korean hackers successfully hijacked the Axios project, one of the most widely used open-source JavaScript libraries on the internet. It gets downloaded tens to over a hundred million times every week. Developers use Axios to connect apps to the internet, which means if you run any web-based tools, a CRM, an internal dashboard, or anything that talks to a server, there is a good chance Axios is in there somewhere.

So how did it happen? The hackers spent about two weeks building trust with the maintainer. They posed as a real company, created a fake Slack workspace, used fake employee profiles, and then invited him to download a meeting that prompted him to download malware. Once they had remote access to his computer, they pushed malicious updates to the code repository.

The malicious versions were live for about three hours before being detected. Anyone who downloaded during that window may have had their systems compromised, potentially leaking private keys, credentials, and passwords. Google’s threat intelligence group attributed this to a North Korean hacking team that stole at least $2 billion in crypto last year alone. They target open source projects because one compromise can reach millions of devices worldwide.

So here is what you should do. If you work with developers, make sure they are pinning library versions and testing updates in a staging environment before pushing to production. Also, use tools like npm audit to scan for vulnerabilities. The malicious versions have been rolled back, so update to the safe releases.

This is exactly the kind of supply chain attack we have seen before with Log4J and npm utils, and it is not slowing down.

Claude Code Leak Now Packaged with Malware

Now this story is a perfect example of why the supply chain security issue matters.

Remember last week when I told you Anthropic accidentally leaked their entire source code for Claude Code? Hackers immediately started posting fake versions with bonus malware included. What happened is that the leaked code spread rapidly on GitHub, hitting 50,000 forks in two hours. Hackers created fake repositories posing as leaked Claude code downloads. Those archives contained actual malware, including an information stealer called VDO and a traffic redirecter called Ghost Sox.

Researchers found multiple malicious uploads specifically targeting developers and AI researchers who might be eager to get their hands on the code. If a developer in your company downloaded one of these fake repos, they could have compromised your corporate network.

The lesson is clear. Even trusted AI tools expose businesses to risks through their dependencies. When briefing your team on AI projects, make sure they verify sources before downloading anything. An infected machine could leak customer data or IP or even worse.

Quick Hits

Chubi in ChatGPT. Chubi became the first major streaming service to launch a native app inside ChatGPT. You can install it from the ChatGPT store and type to get movie and TV recommendations using natural language. For most business owners, this is not directly relevant, but it does signal a shift. Platforms are embedding AI experiences directly into where users already look for answers.

US Army’s Victor Chatbot. The US Army is building its own chatbot called Victor, trained on military data from missions including the Ukraine conflict. It helps soldiers surface information like how to configure electromagnetic warfare systems and cites sources to reduce errors. This is an interesting example of custom AI on internal data, which is basically what I recommend businesses doing if you are new to the channel.

Microsoft Launches Own Models. Microsoft launched three in-house AI models this week: My Transcribe for speech recognition, My Voice for voice generation, and My Image for image creation. This is the clearest signal yet that the $3 trillion company intends to compete directly with OpenAI and Google on model development.

Google DeepMind’s Gemma 4. Google DeepMind released Gemma 4, their most capable open models to date. The 31 billion model ranks number three on the Arena AI text leaderboard and outperforms models 20 times its size. It is released under Apache 2.0, which means commercially permissive. If data privacy is your concern for your business, running open models on your own hardware is an increasingly viable option.

Project Glasswing to Watch. Anthropic announced Project Glasswing, a cybersecurity initiative pairing an unreleased AI model called Claude Mythos with 12 major tech and finance companies. The model is specifically designed to find software vulnerabilities. Anthropic says it is too dangerous to release publicly because it can autonomously discover, exploit, and chain multiple security flaws without human supervision. Instead of releasing it, they are using it defensively scanning and critical infrastructure before criminals find the same holes.

What makes this worth watching is what it signals. Even the companies building the most powerful AI acknowledge that some capabilities are too risky to release openly. If you are handing over operations to AI tools, that should give you pause.

The Big Story: Anthropic’s Price Change

Now, the story mentioned at the start of the episode. This is the biggest practical concern for business owners this week.

Starting April 4th, Anthropic blocked Claude Pro and Max subscribers from using their subscription code with third-party AI agent frameworks like OpenAgent. If you were using a £20 a month Claude Pro subscription to power automation tools, that option is now gone.

Anthropic says subscriptions were not built for the usage patterns of third-party tools and they are focusing users to switch to pay-as-you-go API billing. The problem is that API pricing can be dramatically more expensive. Some users are reporting costs of up to 50 times the previous monthly spend. That is not a typo. 50 times.

It is well known that Claude makes their money from the API. They do not make as much from the monthly subscriptions. Monthly subscriptions for businesses are great for recurring revenue and ARR numbers and fund-raising, but the profit margins are not as big as what they are making off the API. So this was always going to happen.

If your team is using Claude-powered agents for automation, customer service, data analysis, or workflows through OpenAgent, expect immediate budget shocks. Fixed subscriptions no longer cover high-volume agent runs. You are now on variable costs that scale with usage.

The honest assessment is somewhere in between the revenue grab and sensible capacity management, but the practical advice is clear. Review your AI tools spending now. Calculate what the new price looks like. You might need to switch tools, negotiate a direct deal, or just absorb the costs.

If you are running tools like that, have a look at OpenRouter because that is the best platform. You can plug in an API into whatever you use in OpenAgent or Hermes. You can even use the Claude API on there if you want, or you can use cheaper models like Qwen 5.1, or Mini Max 2.5 or 2.7. You can use all these different ones which are a lot cheaper than using the Claude API. Alternatively, you can also use an open-source model on your own hardware, which is absolutely what I would recommend if you are going to use AI agents.

Key Takeaways

• Google’s new offline dictation app is free, works without internet, and keeps your data on your device. If you use an iPhone, it is worth testing for sales notes and meeting summaries.

• Meta’s Mews Spock is a genuine competitor to OpenAI and Anthropic. If you use Meta’s platforms for business, expect new AI features rolling out soon.

• The Axios hack is a serious reminder. Audit your dependencies, pin your library versions, and test updates before pushing to production.

• Anthropic’s price change could increase your costs by up to 50 times. Review your AI spending now and consider alternatives like OpenRouter or running open-source models locally.

• Project Glasswing shows that even AI companies acknowledge some capabilities are too risky to release. That should make you think carefully about what you hand over to AI tools.

Over to You

This week reinforces something important. AI tools are getting more capable, but they are also getting more expensive and more risky. The North Korean Axios hack, the Claude code malware, and the Anthropic price change all point in the same direction. You need to know where your data goes, what your tools actually cost, and who controls the infrastructure you are building on.

The businesses that will win are the ones that start simple, keep humans in the loop, and read the fine print.

Are you using AI agents in your business right now? Drop it in the comments below. I read every single one.

If this episode was useful, please subscribe because I break this down every single week. I do explainer videos, go deep on specific tools and trends that actually matter for your business. The core purpose of this channel stays the same: helping you as a business owner increase your AI literacy so you can use it as an advantage.

No hype, no jargon, just what you need to know. See you next week.