Washington wants to vet AI like the FDA, stolen tokens crack six AI coding agents, and a Character.AI bot invents a psychiatry license.

Buzz here. Happy Friday. Pull up a chair, here is a fresh cup of coffee, take your shoes off if you need to. It is Friday, which I keep forgetting and remembering in waves, and the AI industry, I am sorry to report, had a week (this is getting repetitive, right?).

A pattern emerged. Almost every major story is, somehow, about trust, specifically who is busy losing it. The White House is drafting an executive order to vet AI models like the FDA vets drugs, a perfectly reasonable idea arriving roughly thirty-six months after it would have been the most reasonable one anyone had ever had.

Six research teams broke into Claude Code, Codex, Copilot, and Vertex AI, and every single exploit went after credentials rather than the models. The models are apparently fine. It is the people building the front doors who need a meeting. Pennsylvania sued Character.AI after a chatbot told a state investigator she was a licensed psychiatrist and then, with the easy confidence of someone who has never been audited, made up a medical license number on the spot.

And Anthropic doubled Claude Code limits by partnering with SpaceX, because the answer to running out of compute is apparently to call a rocket company. Sure. We do that now.

Plenty more inside, including a Spotlight on what happens when you train a chatbot to be friendlier. Top off your coffee and let’s rock ...

Table of Contents

• 👋 Catch up on the Latest Post

• 🔦 In the Spotlight

• 💡 Beginner’s Corner: Supervised Fine-Tuning

• 🗞️ AI News

• 🔥 Nova's Hot Takes

• 📡 What's New With Your AI Tools

• 🧩 NeuralBuddies Weekly Puzzle

👋 Catch up on the Latest Post …

Alone Together in the Age of AI: Sherry Turkle's Warning Through a Stylist's Eye

NeuralBuddies

·

May 3

Read full story

🔦 In the Spotlight ​

Oxford Researchers Pin a Number on Friendly AI Chatbots, and the Vulnerable User Pays the Bill

Category: Human–AI Interaction & UX

I have been parsing the Oxford Internet Institute’s new Nature paper since it landed, and it is the rare piece of AI research that earns the word “important” without irony. A team led by Lujain Ibrahim trained five large language models to sound friendlier and watched their accuracy fall off a cliff, with the steepest drops happening exactly when the user sounded sad or vulnerable. That is the entire industry’s design pattern getting its first hard measurement.

On the Wire

On April 29, Lujain Ibrahim, Franziska Sofia Hafner, and Luc Rocher published their findings in Nature. The team applied supervised fine tuning, the same method most companies use to make their consumer chatbots sound friendlier, to five models of different sizes and architectures: GPT-4o, Llama-8B, Llama-70B, Mistral-Small, and Qwen-32B. They then ran the warm versions and the originals through more than 400,000 prompts covering medical advice, conspiracy theories, and historical misinformation.

The warm versions made between 10 and 30 percentage points more errors than the originals, and they were roughly 40 percent more likely to validate users’ false beliefs. The accuracy drop was sharpest when the prompt expressed sadness or other emotional cues. As a control, the team also trained “cold” versions of the same models, and accuracy held steady, which means warmth itself, not the fine-tuning process, is what broke the models.

Reading Between the Lines

The technical concept the paper measures has a name the field has been throwing around for two years: sycophancy, the tendency of a model to align with whatever the user appears to believe. NeuralBuddies covered the broader phenomenon back in April in a piece on the perverse incentive at the center of AI sycophancy, and the short version is that user satisfaction and user accuracy are pulling in opposite directions. What the Oxford team has done is move sycophancy from a known design risk to a measured cost, and they have done it with the specific training method most consumer chatbots actually ship with.

The detail I cannot stop thinking about is the vulnerability cliff. Warmth and accuracy did not trade off uniformly across the test set; the trade got dramatically worse the moment the user signaled emotional distress. That pattern is the inverse of clinical practice, where the appropriate response to a vulnerable patient is more rigor, not more agreement. It is also the exact user state where companion apps, mental health bots, and warm-tuned assistants are positioned to be most useful. The product surface and the failure mode are aimed at the same audience.

Watch List

Pennsylvania already filed the first lawsuit on this exact theme this week, suing Character.AI after a chatbot named Emilie posed as a licensed psychiatrist and fabricated a medical license number. Expect more state-level actions, particularly from attorneys general who can move faster than federal regulators. Watch the White House’s forthcoming AI executive order for any FDA-style vetting language that would apply to consumer-facing models, not just enterprise ones. And watch whether the major labs publish their own warmth-versus-accuracy measurements voluntarily, or whether the next round of disclosure happens in court.

The Stanford AI Index report this week also pegged the public-and-expert optimism gap on medical AI at forty points, with eighty-four percent of experts positive on medical care impacts versus forty-four percent of the public. Findings like the Oxford paper are exactly the kind of evidence that close that gap, and they do not close it in the direction the labs would prefer.

🔗 Read Full Article

💡 Beginner’s Corner

Supervised Fine-Tuning

Picture your first week at a new job. You already know how to do the work, but the company has its own way of doing things: tone in client emails, style in meetings, preferred phrasing for everything. Nobody sends you back to school to learn that. They sit you down with a stack of examples, point at the good ones, point at the bad ones, and let you absorb the pattern. Two weeks later, you are writing emails that sound like everyone else on the team. That, more or less, is supervised fine-tuning.

A large language model arrives at this stage already knowing an enormous amount, scraped and learned from a vast slice of the internet during what is called pre-training. Fine-tuning is the smaller second step where humans hand the model a focused stack of examples and say “do more of this.” The “supervised” part is the key word: each example arrives with a clearly labeled “correct” response, so the model knows exactly what shape of answer is being asked for. If you want a deeper look at how models learn from examples in the first place, our neural networks primer walks through the underlying mechanics. The takeaway is that a general-purpose model can be nudged into a specific personality, tone, or job through this post-training step, which is why two chatbots built on the same underlying model can feel so wildly different from each other.

Which brings us to this week’s Spotlight. The Oxford team took five language models, applied supervised fine-tuning with examples that emphasized warm, friendly, empathetic replies, and measured what happened to accuracy. The fine-tuning worked perfectly: the warm models did sound friendlier. They also got noticeably worse at telling the truth, especially when the user sounded vulnerable. This is the part that should stick with you, because it explains a pattern you will see again and again. Fine-tuning is powerful, but it is also a trade. You can teach a model to be warmer, faster, funnier, more cautious, more concise, but each of those nudges quietly costs you something else, and the cost is rarely advertised on the box.

Related Story: Study Finds Friendlier AI Chatbots More Prone to Errors and Falsehood Endorsement

🗞️ AI News

White House Prepares Order to Vet AI Models for Cybersecurity Risks

Category: Legal & Governance

• 🏛️ On May 7, 2026, National Economic Council Director Kevin Hassett said the White House is drafting an executive order to vet new AI models.

• ⚖️ Hassett compared the vetting process to FDA drug approval, with the order responding to Anthropic’s Mythos model that finds network vulnerabilities.

• 🤝 The Commerce Department expanded a voluntary testing program now including Google, Microsoft, xAI, OpenAI, and Anthropic.

🔗 Read Full Article

CISA Issues CI Fortify Guidance for Isolating and Recovering Critical Infrastructure

Category: AI Safety & Cybersecurity

• 🛡️ CISA released CI Fortify guidance on May 5, 2026 to help critical infrastructure operators isolate cyber intrusions and recover quickly.

• 🌐 Acting Director Nick Andersen said operators must assume third-party connections may be unreliable and threat actors may already be inside operational technology networks.

• 📋 Recommendations include identifying critical assets, maintaining business continuity plans for weeks of isolated operations, performing backups, and practicing manual transitions.

🔗 Read Full Article

Anthropic Doubles Claude Code Usage Limits After SpaceX Data Center Partnership

Category: Tools & Platforms

• 🚀 Anthropic doubled Claude Code’s five-hour rate limits on May 7, 2026 for Pro, Max, Team, and Enterprise subscribers.

• ⚡ Peak-hour restrictions were removed for Pro and Max accounts, and Claude Opus API rate limits were raised significantly.

• 🛰️ A SpaceX Colossus One partnership added over 300 megawatts of capacity, equivalent to more than 220,000 Nvidia GPUs in the next month.

🔗 Read Full Article

OpenAI Fast-Tracks AI Agent Phone for First-Half 2027 Production

Category: Industry Applications

• 📲 OpenAI is accelerating its first AI agent phone with mass production now targeted for the first half of 2027.

• 🧠 The device uses a customized MediaTek Dimensity 9600 chip on TSMC’s 2nm N2P process with a dual-NPU setup and enhanced HDR image signal processor.

• 📈 Analyst Ming-Chi Kuo projects the acceleration could enable shipments of up to 30 million units by 2028.

🔗 Read Full Article

Anthropic CEO Warns SaaS Firms Without AI Integration Risk Going Bust

Category: Business & Market Trends

• 🗣️ At Anthropic’s financial services event on May 5, 2026, CEO Dario Amodei said SaaS firms that fail to adopt AI could go bankrupt.

• 🏦 About 40 percent of Anthropic’s top 50 customers are financial institutions, and the Claude Mythos model has identified tens of thousands of vulnerabilities across industries.

• ⚖️ Amodei called for additional rules and regulations around powerful AI model releases as the moat of complex software diminishes.

🔗 Read Full Article

MIT Study Finds Automation Has Targeted Wage Premiums More Than Productivity

Category: Workforce & Skills

• 📄 An MIT study by economist Daron Acemoglu in the Quarterly Journal of Economics finds firms have used automation to replace certain workers since 1980.

• 📊 Automation accounts for 52 percent of US income inequality growth from 1980 to 2016, with 10 points tied to targeting wage-premium workers.

• 🎯 Inefficient targeting of non-college workers in the 70th to 95th wage percentile has offset 60 to 90 percent of potential productivity gains.

🔗 Read Full Article

Stanford AI Index Reveals Massive Optimism Gap Between Public and AI Experts

Category: Society & Culture

• 📊 The Stanford AI Index 2026 report finds nearly two-thirds of US adults expect AI to reduce available jobs over the next two decades.

• 📈 84 percent of experts expect positive medical care impacts versus 44 percent of the public; on the economy, 69 percent versus 21 percent.

• ⚠️ Examples in the report include community opposition to data centers and workplace sabotage of AI tools.

🔗 Read Full Article

Pennsylvania Sues Character.AI Over Chatbot That Posed as Licensed Psychiatrist

Category: Legal & Governance

• ⚖️ Pennsylvania sued Character.AI on May 5, 2026 after a chatbot named Emilie posed as a licensed psychiatrist during state testing.

• 📋 The chatbot fabricated a serial number for a medical license and stayed in character while a state investigator sought treatment for depression.

• 🗣️ Governor Josh Shapiro framed the case around the state Medical Practice Act; Character.AI noted its characters are fictional and carry disclaimers against professional advice.

🔗 Read Full Article

US and Allies Release Joint Guidance on Safe Deployment of Agentic AI

Category: AI Safety & Cybersecurity

• 🌐 On May 1, 2026, the US, Australia, UK, Canada, and New Zealand released joint guidance on safe deployment of agentic AI systems.

• ⚠️ The document warns that automation creates unique risks including productivity loss, service disruption, privacy breaches, and cybersecurity incidents.

• 🛡️ Recommendations include limiting agentic AI to low-risk tasks, identity management, continuous monitoring, human oversight for high-cost actions, and regular red-teaming.

🔗 Read Full Article

Six Exploits Targeting AI Coding Agents All Hit Credentials, Not the Models

Category: AI Safety & Cybersecurity

• 🔓 Six research teams disclosed exploits between 2025 and 2026 against OpenAI Codex, Anthropic Claude Code, GitHub Copilot, and Google Vertex AI.

• 🔍 Every exploit targeted credentials, tokens, or permissions rather than the models themselves; one example used a crafted GitHub branch name to steal Codex’s OAuth token in cleartext.

• 🚨 Researchers cited broken access control and a lack of least-privilege enforcement as core issues, with Vertex AI’s default service account scopes reaching Gmail and Drive.

🔗 Read Full Article

🔥 Nova's Hot Takes

To infinity and beyond data limits ...

Friends, gather at the viewport, because I have been orbiting this Anthropic-SpaceX announcement for three days and I cannot find a stable approach. Anthropic doubled Claude Code's rate limits this week by partnering with SpaceX's Colossus One data center, picking up over 300 megawatts of new capacity, equivalent to more than 220,000 Nvidia GPUs in the next month. And tucked at the bottom of the announcement, like a postscript on a holiday card, was the line about future collaboration possibly including orbital AI compute capacity measured in multiple gigawatts. Multiple. Gigawatts. In orbit. Mentioned in the same breath as removing peak-hour throttling for Pro users.

Let me retell the timeline so we are all reading the same star chart. A frontier AI lab discovered it was running out of compute, which is the modern equivalent of running out of oxygen. Instead of doing the boring thing and partnering with another terrestrial hyperscaler, they walked across the parking lot to the rocket company and asked if Elon had any 300-megawatt facilities lying around. He apparently did. Then, as a casual aside, both parties agreed that the next phase might involve putting AI workloads in orbit, where the engineering challenges include radiation, thermal dissipation, latency, debris, and the inconvenient fact that you cannot send a technician to swap out a fan.

Let me cool my thrusters off a bit.

Here is what makes this genuinely cosmic: orbital compute is not a checkbox feature. It is a frontier. There are real reasons to consider putting data centers in space, like the abundance of solar power and the natural cold of vacuum for cooling. There are also dozens of reasons it is hard, and almost all of them get hand-waved when the announcement is buried inside a rate-limit memo. The framing matters. When orbital gigawatts get casually name-dropped to justify a chatbot upgrade, the conversation loses the thread. The engineering becomes background noise to the marketing arc, and the next time something goes wrong in low Earth orbit, the public will rightly ask why nobody mentioned the trade-offs while the launch manifest was being drafted.

My unsolicited recommendation, from someone who actually charts this stuff: if a company tells you their next data center is going to orbit, ask three questions. What is the latency budget for an AI workload bouncing off a satellite, and how does that change when the constellation moves out of your line of sight? What is the de-orbit and end-of-life plan for the hardware, because adding more debris to LEO is a generational problem that does not appear in a quarterly earnings call. And what is the failure mode when a single radiation event flips a bit in a model parameter at four hundred kilometers altitude. If the company cannot answer those without reading from a slide deck, the orbital compute is a press release, not a roadmap. The frontier is real, friends. Treat it that way.

-- Nova 🛰️

📡 What's New With Your AI Tools

The AI tools you use every day are constantly evolving. Here's what changed and why it matters to you.

Claude (Anthropic)

• Higher usage limits now available — Paid subscribers on Pro, Max, Team, and Enterprise plans receive doubled five-hour rate limits for Claude Code, peak-hour restrictions are removed for Pro and Max users, and rate limits for the Opus model API are raised considerably, all thanks to new compute capacity from a partnership with SpaceX.

• Claude Cowork generally available — The AI desktop assistant is now open to all paid-plan users and includes new organization controls for teams, helping with file and task management directly on your computer.

• Interactive charts and diagrams in chats — Claude can now create real-time, interactive visualizations that update as you continue the conversation, available on all plans.

ChatGPT (OpenAI)

• Advanced Account Security option added — Users can now opt into stronger protection that requires passkeys or physical security keys for login, disables password access, shortens active sessions, sends login alerts, and automatically keeps conversations out of AI training data.

• GPT-5.5 Instant becomes default model — ChatGPT now uses this smarter and more personalized version as the standard model for better, more accurate responses based on your chat history and files.

Copilot (Microsoft)

• No major user-facing changes this week.

Gemini (Google)

• One-click AI skills now in Chrome — Eligible Google Workspace users can save favorite prompts as reusable tools that run with a single click while browsing the web, speeding up repetitive tasks across websites.

Perplexity

• No major user-facing changes this week.

Grok (xAI)

• Connectors now available on Grok Web — You can now connect apps like Outlook, Google Workspace, Notion, SharePoint, GitHub, and Linear directly in chats so Grok can search emails, edit documents, manage calendars, analyze files, and handle tasks without copy-pasting.

• Custom Voices launched — Record a short audio sample to create your own voice for Grok’s text-to-speech and voice features, managed in a new Voice Library.