Cognition's $25 Billion AI Coding Empire, Anthropic's Dreaming Agents, and the Healthcare Breach Exposing 1.8 Million Identities

This has been one of those weeks where the AI industry simultaneously doubled down on its most ambitious bets and confronted its most uncomfortable truths. A startup building an autonomous software engineer just raised more money than most public companies are worth. Anthropic introduced a feature that lets AI agents literally learn from their dreams. Meanwhile, the cybersecurity landscape delivered a sobering reminder: even the tools designed to protect us are being weaponized against us, and when healthcare data gets caught in the crossfire, the stakes couldn't be more personal.

Can an AI Engineer Really Be Worth $25 Billion?

Cognition, the startup behind Devin — the autonomous AI software engineer — has closed a funding round of more than $1 billion at a $25 billion pre-money valuation ($26 billion post-money). The round was led by Lux Capital, General Catalyst, and 8VC, with participation from a roster of existing investors including Elad Gil. That represents a staggering leap from the company's $10.2 billion valuation just eight months ago.

The numbers behind the valuation tell an even more compelling story. Cognition has reached an annualized revenue run-rate of $492 million, a figure that would make it one of the fastest-growing software companies in history. For context, it took Slack roughly a decade to approach comparable revenue numbers. Cognition did it in a fraction of the time, powered entirely by the conviction that AI coding agents will become the backbone of software development.

This funding round isn't just a bet on Cognition — it's a declaration about the future of software engineering itself. When investors pour $1 billion into a company whose core product is an AI that writes code, they're betting that the traditional developer workflow is about to undergo a fundamental transformation. We've seen similar massive bets on AI infrastructure recently, but Cognition's raise stands out because it's targeting the most immediate and tangible application: the actual act of writing software.

Anthropic Lets Its Agents Dream

At its Code w/ Claude SF 2026 developer conference in San Francisco, Anthropic unveiled a feature that sounds like science fiction but is very much real: Dreaming. This new capability, available as a research preview for Claude Managed Agents, allows Claude to autonomously review its past sessions, identify recurring patterns, and build a more organized memory store — all without modifying the original data.

Dreaming works as a scheduled background process. After an agent completes a session, it evaluates the transcript, extracts useful patterns, deduplicates learnings, and curates them into a persistent memory store. The result is an agent that genuinely improves between runs — recurring mistakes get caught, shared workflows get refined, and team preferences get internalized. This is a significant step beyond simple context windows or retrieval-augmented generation.

Anthropic also shipped several other major features alongside Dreaming. Multiagent orchestration enables a lead agent to delegate work to specialist subagents running in parallel, each with its own model, prompt, and tools, all traceable in the Claude Console. An outcomes system lets developers define rubrics for success, with a separate grader agent evaluating results and sending the agent back for revision if needed — Anthropic reports this lifted task success rates by up to 10 points on the hardest problems. And webhook support now enables external integrations, rounding out what Anthropic clearly intends to be a comprehensive enterprise agent platform.

Perhaps the most immediately impactful announcement, however, was Anthropic's partnership with SpaceX to leverage the Colossus data center, resulting in doubled rate limits for Claude Code and the removal of peak-hour restrictions. For developers who've grown accustomed to throttling during crunch hours, this is a welcome reprieve. This builds on the massive compute deal Anthropic previously struck with SpaceX, further entrenching the infrastructure advantage that separates frontier AI labs from everyone else.

Meta AI Crosses One Billion Monthly Active Users

Mark Zuckerberg announced at Meta's annual shareholder meeting that Meta AI now has one billion monthly active users across its apps — a figure that has doubled from the 500 million reported in September 2024. That kind of growth in eight months is almost unprecedented for any consumer technology product, let alone an AI assistant.

Zuckerberg described the company's current focus as "deepening the experience," with an emphasis on personalization, voice conversations, and entertainment. Crucially, he signaled that monetization is on the horizon: Meta plans to explore "paid recommendations" and potentially a subscription service for users who want more compute power. If executed, this would put Meta in direct competition with OpenAI's ChatGPT Plus, Google's Gemini Advanced, and Anthropic's Claude Pro.

The significance here extends beyond raw user numbers. Meta AI is embedded directly into Facebook, Instagram, WhatsApp, and Messenger — platforms that collectively reach over 3.8 billion people. The standalone Meta AI app, launched in April 2025, adds another distribution channel. With a billion users already onboarded, Meta possesses something no other AI company can match: a pre-built distribution moat of planetary scale.

When Healthcare Data Breaches Become Biometric Nightmares

New York City's public healthcare system, NYC Health + Hospitals, confirmed a breach that should alarm anyone who has ever trusted their medical data to a hospital network. Hackers gained access to the system's network through a third-party vendor and maintained that access from November 2025 through February 2026 — three full months of unauthorized access before the intrusion was detected on February 2.

The breach exposed medical records of at least 1.8 million patients, and the stolen data goes far beyond typical healthcare breach territory. Alongside diagnostic information, medication records, lab results, insurance details, and Social Security numbers, the attackers also obtained biometric data including fingerprint scans. This is where the breach crosses a critical threshold: you can change your password, cancel your credit card, and even request a new Social Security number. You cannot change your fingerprints.

This incident reinforces a pattern we've been tracking: supply chain attacks targeting healthcare infrastructure continue to escalate in both frequency and severity. When a single vendor compromise can expose biometric data on nearly two million people, the case for zero-trust architectures in healthcare becomes not just a best practice but a moral imperative.

Your Antivirus Is Now an Attack Vector

In a development that would be almost comical if it weren't so dangerous, Microsoft confirmed that two zero-day vulnerabilities in Microsoft Defender — the very software designed to protect Windows systems — are being actively exploited in the wild. The vulnerabilities, tracked as CVE-2026-41091 and CVE-2026-45498, affect the Malware Protection Engine and broader antimalware platform.

CISA has added both CVEs to its Known Exploited Vulnerabilities catalog with a mitigation deadline of June 3 for federal agencies. The first vulnerability is a privilege escalation flaw caused by improper link resolution before file access in the Defender engine. The second has broader implications for Microsoft Defender and System Center Endpoint Protection. Together, they represent a scenario where the security software itself becomes the attack surface — an attacker can exploit the antivirus to gain elevated privileges on a system it's supposed to be protecting.

This is part of a brutal week for Microsoft's security reputation. Between these Defender zero-days, an active Exchange zero-day demanding emergency mitigation, and the Pwn2Own Berlin hacking event that uncovered numerous Windows zero-days, Redmond's security track record has taken a sustained beating. The pattern is clear: as security tools grow more complex and more deeply integrated into operating systems, they become more attractive targets. When the shield itself has holes, everything behind it is exposed. As we've noted in previous coverage, the security industry is entering an era where trust in foundational security tools can no longer be assumed.

The Bigger Picture

What connects these stories isn't just that they all happened in the same week — it's the underlying tension they reveal. The AI industry is moving at a velocity that outpaces the infrastructure designed to keep it in check. Companies like Cognition are raising billions to automate software engineering. Anthropic is building agents that learn from their own experiences. Meta is funneling a billion users into AI-powered interactions. Yet at the same time, the attack surface is expanding in every direction — through supply chains, through the security tools themselves, and through the irrevocable exposure of biometric data.

The central question this week isn't whether AI will transform industries. That ship has sailed. The question is whether our security infrastructure, our regulatory frameworks, and our ethical guardrails can evolve at even a fraction of the same speed. The stories above suggest we still have a considerable gap to close.