Hello!

Thank you for your feedback after our previous newsletters! As statistics show, you would like to receive longer newsletters with more AI-related news and extra articles in the Just Cool section. We’ll try our best to find the most exciting news for you and follow your recommendations!

This week, Amazon's giving AI agents a native file system with S3 Files, ending the object-file split that's been a thorn in multi-agent pipelines. Meanwhile, Anthropic's Claude is on a wild growth run, shooting from $1B to $19B. They also say their top AI cyber model is too dangerous for public release.

Oh, and keep an eye on Rowhammer attacks creeping into machines with Nvidia GPUs.

Grab your coffee, relax, and enjoy Frictionless!

Vercel’s CDN now respects Cache-Control headers from external origins by default, bringing its behavior in line with how standard CDNs operate. Instead of overriding or requiring custom headers, Vercel will follow the caching rules defined by your upstream service. If your caching strategy depends on multiple layers, it’s worth asking: where should the source of truth for cache behavior actually live?

Most Next.js projects start clean and then slowly fall apart as features grow, logic spreads, and teams start duplicating code across apps. This guide walks through a layered approach to fix that, covering everything from folder structure to shared logic and CI/CD.

Next.js is moving toward a more platform-agnostic future. With the new Adapter API, the framework now outputs a standardized, versioned description of your app that any provider can use. It makes deployments more consistent across platforms like AWS, Cloudflare, or Netlify.

AI is bringing cyber risk into the boardroom, making it a core leadership concern rather than something handled only by IT teams. This HBR piece highlights a growing gap: threats are evolving faster than organizations are prepared to manage them, creating a strategic weakness at the leadership level.

Uber didn’t scale by following a clean architecture plan. It adapted under pressure. In this conversation with its first CTO, Thuan Pham, the story starts with constant outages and a fragile system, then moves through a series of “tours of duty”: stabilizing, re-architecting, and scaling both the platform and the organization.

AI agents work best with files and directories. But most enterprise data lives in object storage like S3, which doesn’t behave like a file system. This article introduces Amazon’s answer: S3 Files, a new layer that lets agents access S3 data as if it were local, without copying or syncing it first.

Anthropic has built its most powerful cybersecurity-focused AI model to date—and decided not to release it publicly. According to the company, the model’s ability to identify and exploit software vulnerabilities is strong enough to pose real-world risks, so access is being restricted through a controlled program called Project Glasswing.

Cursor 3 reframes what a development environment looks like. Instead of centering the IDE, it introduces an agent-first interface where developers manage multiple AI agents working across repos, tools, and environments from a single workspace.

AI agents have moved from experiments to real-world systems. And the result isn’t smooth progress, but growing complexity. This piece uses Claude and OpenClaw to show how quickly things escalate once agents can act autonomously across tools, environments, and workflows.

Anthropic scaled from $1B to $19B ARR in just 14 months by focusing on a small number of high-impact bets and a distinct operating model. In this interview, the company’s Head of Growth explains how they prioritize bold initiatives, double down on activation, and even use Claude internally to run growth experiments.

New research shows that Nvidia GPUs are vulnerable to advanced Rowhammer attacks that can escalate far beyond memory corruption, potentially giving attackers full control over a system. By targeting GPU memory (VRAM), techniques like GDDRHammer and GeForge can manipulate memory in ways that ultimately compromise the CPU as well.

Vercel abstracts most of the infrastructure behind modern web apps - connect a repo, push code, and it’s deployed globally with CDN, serverless functions, and edge execution built in. This guide explains how that model speeds up delivery, especially for Next.js and frontend-heavy projects, while removing the need for dedicated DevOps work.

One stolen credential was enough to compromise one of JavaScript’s most widely used libraries. In this incident, attackers hijacked a maintainer’s npm token for Axios and published malicious versions that silently installed a cross-platform remote access trojan on developer machines.

Modern hardware is incredibly fast, but most software leaves performance on the table by ignoring how it actually runs. This piece introduces mechanical sympathy - designing systems with an awareness of CPU behavior, memory access, and concurrency constraints - and breaks it down into practical principles used in high-performance systems.

Do you have any comments about this newsletter issue or questions you want to ask? Drop me a message or book a meeting.