AI Solves a Geometry Puzzle, Gemini Gets Faster, and a VSCode Extension Just Burned 3,800 Repos
From OpenAI disproving a decades-old math conjecture to a malicious VSCode extension compromising thousands of GitHub repositories, this week's AI and dev news is a reminder that the field moves in every direction at once.
This week delivered a striking contrast: AI is now capable enough to overturn established mathematics, yet developers are still getting burned by trusting a bad extension in their code editor. Both things can be true at once — and both have real implications for how we build with these tools.
OpenAI Model Disproves a Central Conjecture in Discrete Geometry
OpenAI announced that one of its models has disproved a longstanding conjecture in discrete geometry — a result that mathematicians had failed to crack for decades. This isn't AI assisting a researcher; it's AI producing an original mathematical counterexample largely on its own. For companies evaluating where AI adds value, this is a signal that reasoning models are crossing into genuinely novel territory, not just retrieving or summarizing existing knowledge. If you're not yet experimenting with these models for complex problem-solving in your domain, the gap is widening. Read more →
Gemini 3.5 Flash Arrives
Google dropped Gemini 3.5 Flash, the latest iteration in its Flash line — optimized for speed and cost-efficiency without sacrificing too much capability. Flash models are the workhorses of production AI applications: cheap enough to run at scale, fast enough for real-time features. If your team is building anything that needs a low-latency inference layer, this release is worth benchmarking against whatever you're currently using. Read more →
GitHub Confirms 3,800 Repos Breached via Malicious VSCode Extension
This one stings. GitHub confirmed that a malicious VSCode extension compromised approximately 3,800 repositories by exfiltrating credentials and injecting code. The extension had been downloaded thousands of times before it was flagged. This is a supply chain attack targeting developers directly in their IDE — arguably the most trusted environment in a developer's workflow. The lesson is blunt: audit your installed extensions, enforce least-privilege tokens, and treat the extension marketplace with the same scrutiny you'd apply to any third-party dependency. Read more →
Qwen 3.7-Max: Alibaba Pushes Into Agentic AI
Alibaba's Qwen team published details on Qwen3.7-Max, positioning it explicitly as a frontier model for agentic workflows — autonomous task execution, tool use, and multi-step reasoning. The open-weight ecosystem around Qwen has been maturing quickly, and this release makes it one of the more credible alternatives to closed models for teams that want control over their inference stack. If you're architecting an AI agent system in 2026 and haven't evaluated Qwen, it belongs on your shortlist. Read more →
A Free Speech Win Worth Noting
Slightly off the usual tech beat, but relevant to anyone thinking about AI-generated content and legal risk: a Tennessee man jailed for 37 days over a political meme won an $835,000 First Amendment settlement. As AI makes meme and satirical content trivially easy to produce at scale, the legal and civil liberties questions around that content are becoming more urgent. Worth keeping on your radar. Read more →
From where I sit in Cluj, the geometry story is the one I keep coming back to — not because math is my specialty, but because it redraws the line of what we should expect from these systems. The question for my clients isn't whether AI is capable anymore; it's whether their workflows are ready to act on that capability.