TLDR;

Anthropic added Andrej Karpathy to its pre-training team and acquired Stainless, the SDK and MCP-server generator that powers nearly every official AI SDK (including OpenAI's). On the platform side, Managed Agents added self-hosted sandboxes (public beta) and private-network MCP tunnels (research preview). Claude Code shipped six releases (v2.1.144–v2.1.149) with a per-category /usage breakdown, a renamed-and-expanded /code-review command, auto mode on the Pro plan, GitHub-flavored markdown checkbox rendering, and several security fixes. And Project Glasswing's first findings update reports that Claude Mythos Preview has identified 10,000+ high- or critical-severity vulnerabilities in essential software — patch windows are compressing. If you run Claude Code, claude update now.

---

---

Anthropic Org

Andrej Karpathy joins Anthropic's pre-training team — May 19, 2026

Karpathy announced on X that he joined Anthropic this week, working on pre-training under team lead Nick Joseph. Per Anthropic, the new team is "focused on using Claude to accelerate pre-training research itself" — i.e. Claude helping train the next Claude. Karpathy's quote: "I think the next few years at the frontier of LLMs will be especially formative. I am very excited to join the team here and get back to R&D."

Editor's read: Karpathy is a founding OpenAI researcher, former Tesla Autopilot lead, and the author of the de facto LLM curriculum (CS231n, Zero to Hero, nanoGPT). The hire matters less as a single name and more as a direction marker: Anthropic is betting the next moat is research velocity — running more experiments per dollar of compute — and Karpathy's last stint at OpenAI was on midtraining and synthetic data, the exact levers labs now pull when raw scaling stalls. Watch for changes in how fast Claude itself evolves over the next 12 months.

Anthropic acquires Stainless — the SDK and MCP-server generator behind every official Claude SDK — May 18, 2026

Stainless has generated every official Anthropic SDK (TypeScript, Python, Go, Java, and more) since the earliest days of the API, and also generates MCP servers from OpenAPI specs. Its customer list included Cloudflare, Google, OpenAI, Replicate, and Runway. Reported deal size is north of $300M.

Editor's read: Watch what gets shut down. Anthropic has reportedly closed Stainless's hosted SDK generator to new customers — existing-customer SDKs keep working, but the toolchain that produced half the industry's SDKs is now Anthropic-controlled. If your team relies on Stainless to generate SDKs or MCP servers, plan around the possibility that third-party access narrows over time. The acquisition page does not currently commit to a continued third-party offering.

---

API & Model Updates

Prompt cache diagnostics now in Claude Console — May 18, 2026

When a request misses the cache, Claude Console now shows exactly which part of your prompt changed and how many tokens it cost you. Check it at platform.claude.com/usage/cache; docs here.

"Extra Usage" renamed to "Usage Credits" — May 19, 2026

Anthropic renamed "extra usage" to "usage credits" across Claude — the rebrand reflects that credits now power features like fast mode directly, not just overflow beyond plan limits. Spending limits, auto-reload settings, and existing credits carry over as-is; /extra-usage is now /usage-credits (old name still works).

Claude Design token limits doubled across all plans — May 18, 2026

Claude Design doubled token limits on every plan. No action needed — existing projects automatically get the higher limits.

---

Claude Code & CLI

Claude Code v2.1.144–v2.1.149 — /usage breakdown, /code-review, security fixes — May 19–22, 2026

Three things worth knowing across this week's batch:

1. /usage now breaks down tokens per category — skills, subagents, plugins, and per-MCP-server cost — in the CLI today, with Desktop coming next. The fastest way to find out which plugin is eating your context.
2. /simplify is renamed to /code-review and significantly expanded. It now reports correctness bugs at a chosen effort level (e.g., /code-review high) and accepts --comment to post findings as inline GitHub PR comments. Useful as a self-review step before opening a PR or as an autonomous reviewer for an agent loop.
3. Several real security fixes: a PowerShell permission bypass where built-in cd functions (cd.., cd\, cd~, X:) changed the working directory undetected; sandbox write allowlist in git worktrees was covering the whole main repo root instead of only .git; permission analysis trusted stale PWD/OLDPWD/DIRSTACK across cd/pushd/popd; bare variable assignments to non-allowlisted environment variables auto-approved in v2.1.145.

Also worth a scan: pinned background sessions stay alive when idle and restart in-place to apply Code updates; claude agents --json lists live sessions for scripting (tmux-resurrect, status bars); OpenTelemetry spans now carry agent_id and parent_agent_id so background subagent traces nest correctly; markdown output renders GitHub-flavored markdown task list checkboxes (- [ ] / - [x]) instead of plain bullets; new allowAllClaudeAiMcps enterprise setting loads claude.ai cloud MCP connectors alongside managed-mcp.json.

Heads-up: v2.1.148 was a Bash exit-code-127 hotfix — a regression from v2.1.147 had the Bash tool returning exit 127 on every command. If you skipped a day, you may have hit it.

Run claude update or update the Claude desktop app now.

Auto mode now on the Pro plan + Sonnet 4.6 support — May 22, 2026

Auto mode (Shift+Tab) is now available on the Pro plan in addition to existing tiers. Sonnet 4.6 is now supported in auto mode alongside Opus 4.7.

Claude Code at scale: best practices blog post — May 18, 2026

Anthropic published guidance on running Claude Code across multi-million-line monorepos, decades-old legacy systems, and distributed microservices. Worth a read if you're deploying at team scale.

Computer use in production: new blog post — May 19, 2026

New guidance on making computer use reliable in production: click accuracy, thinking effort levels, keeping long sessions within context, and recording demonstrations Claude can replay.

---

Agent SDK & Managed Agents

Self-hosted sandboxes (public beta) + MCP tunnels (research preview) — May 19, 2026

Two new security primitives for enterprise agent deployments. Self-hosted sandboxes keep the agent's execution environment in your own infrastructure (or with managed providers like Cloudflare, Daytona, Modal, or Vercel), so sensitive files and services never leave your perimeter. MCP tunnels let agents reach MCP servers inside your private network without exposing them to the public internet. Self-hosted sandboxes are available now on the Claude Platform; request access to MCP tunnels here. Docs: platform.claude.com/docs/en/managed-agents/self-hosted-sandboxes.

Managed Agents quality-of-life: hot-swap tools mid-session + large MCP output offloading — May 19, 2026

You can now swap a live session's tools, MCP servers, or vault IDs without restarting the session. Large MCP tool outputs (>100k tokens) are automatically offloaded to Sandbox files, preventing context bloat on heavy tool-use workflows.

Agent SDK releases this week — May 19–22, 2026

• @anthropic-ai/claude-agent-sdk@0.3.149 (TypeScript) — fixes options.env dropping CLAUDE_AGENT_SDK_VERSION when a custom environment is supplied. Docs now correctly state that Options.env replaces the subprocess environment rather than merging with process.env — audit your env handling if you pass a custom env object.
• @anthropic-ai/claude-agent-sdk@0.3.144 (TypeScript) — assistant messages and StopFailure hooks now report error: 'model_not_found' (was generic 'invalid_request') when the selected model is unavailable; new @anthropic-ai/claude-agent-sdk/extract export lets bun build --compile consumers embed and extract the native binary from a compiled executable.
• claude-agent-sdk==0.2.86 (Python) — bundles Claude CLI v2.1.149.

---

Research & Safety

Project Glasswing initial update: Claude Mythos Preview has found 10,000+ high or critical vulnerabilities — May 22, 2026

Claude Mythos Preview — Anthropic's invitation-only cybersecurity-focused frontier model, deployed through Project Glasswing since April — has identified more than 10,000 high- or critical-severity vulnerabilities in essential software since launch. Expert validators agree with Claude's severity assessments 89% of the time, and within one severity level 98% of the time. The update includes working zero-day exploits on fully hardened systems. Full technical writeup: red.anthropic.com/2026/mythos-preview/.

Editor's read: Even with Anthropic withholding specifics until patches deploy, the headline number is the actionable signal: patch windows are compressing. If your release cadence treats dependency bumps as routine maintenance to be batched once a quarter, that posture is becoming a liability. The concrete things to change: turn on auto-update where you can, treat CVE-bearing dependency bumps as urgent rather than routine, and put your incident response on a runbook a junior engineer can execute at 3 a.m. The pace will keep accelerating, not slow down.

---

Power User Patterns

Prompt tip: implementation-notes file for long agentic tasks — May 18, 2026

A widely-shared prompt pattern from the Claude Code team: instruct Claude to maintain a running implementation-notes.html file documenting decisions made outside the spec, tradeoffs, and unknowns. Useful for staying in the loop on long autonomous runs without having to read the transcript end-to-end.

Learning mode in Claude Code: /config → Output Style → Learning — May 18, 2026

Learning mode walks you through what the agent is doing rather than just doing it — useful for teams who want to use Claude Code while staying hands-on enough to actually understand the changes.

---

Competitor Dev Tools

Cursor 3.5: Automations in the Agents Window, multi-repo and no-repo automations — May 20, 2026

Cursor Automations are now inside the Agents Window and support multi-repo configurations and no-repo (pure monitoring/workflow) automations. New Marketplace templates for Slack digests, product analytics, finance, and customer health workflows. Agent runs for newly created automations are 50% off for 7 days from release.

---

Enterprise & Business

KPMG strategic alliance: Claude across a 276,000+ workforce — May 19, 2026

KPMG is integrating Claude across its core business and a workforce of more than 276,000 globally. Relevant for builders selling into professional services or audit/advisory — this signals the enterprise readiness and compliance posture that supports sales conversations in that vertical.

"The Problem Solvers" series: founders building on Claude — May 22, 2026

Anthropic launched a video series featuring founders building with Claude. First two episodes: Kay Zhu (co-founder/CTO of Genspark) and Scott Wu (Cognition/Devin). Watch at claude.com/problem-solvers.

"Widening the conversation on frontier AI": Anthropic Dialogue series — May 19, 2026

Anthropic has been running dialogues with scholars, philosophers, clergy, and ethicists on questions AI raises, starting with how good character forms. No direct developer action required, but signals how Anthropic's values-based positioning will continue to shape model behavior and policy.

---

Developer Tools & Community

Bun Rust port: Claude Code running on the rewrite for days, no behavior diffs — May 21, 2026

Follow-up to last week's announcement: Jarred Sumner reports running Claude Code on the Rust port of Bun for several days with no behavior differences and a passing test suite across all platforms — plus a ~10% bundler speed improvement. Claude Code is actively working through ~100 open PRs to rewrite Zig implementations as Rust, including the XML parser and memory leak fixes.

---

Action Items

Immediate:

• Run claude update (or update the Claude desktop app) to get Code v2.1.149 — includes PowerShell permission bypass fixes and the Bash exit-code-127 regression fix from v2.1.148.
• If you use the TypeScript Agent SDK and pass a custom options.env, audit your code: Options.env replaces (not merges with) process.env. This is now documented in v0.3.149 but was previously undocumented behavior.
• Read the Project Glasswing initial update and audit your dependency-patching policy — auto-update wherever possible, treat CVE-bearing bumps as urgent, automate your incident response pipeline.

Watch:

• If your team uses Stainless to generate SDKs or MCP servers, monitor the Anthropic Stainless acquisition page for clarity on continued third-party availability — none committed in the announcement.
• Request access to MCP tunnels (research preview) if you need agents to reach private-network MCP servers without public-internet exposure.

---

All Resources

• Andrej Karpathy joins Anthropic — TechCrunch
• Karpathy's announcement tweet
• Anthropic acquires Stainless
• Project Glasswing — landing page
• Project Glasswing initial update
• Mythos Preview technical details
• KPMG integrates Claude across 276,000+ workforce
• Widening the conversation on frontier AI
• The Problem Solvers series
• Claude Code v2.1.149 release notes
• Claude Code v2.1.148 release notes
• Claude Code v2.1.147 release notes
• Claude Code v2.1.146 release notes
• Claude Code v2.1.145 release notes
• Claude Code v2.1.144 release notes
• claude-agent-sdk-typescript v0.3.149
• claude-agent-sdk-typescript v0.3.144
• claude-agent-sdk-python v0.2.86
• Self-hosted sandboxes docs
• Managed Agents updates blog post
• Prompt cache diagnostics docs
• Prompt cache diagnostics in Claude Console
• Auto mode on Pro plan + Sonnet 4.6
• Usage credits rename announcement
• Managed Agents security improvements
• Managed Agents hot-swap + large output offloading
• Computer use in production blog post
• Claude Code at scale blog post
• Claude Design token limits doubled
• Implementation notes prompt tip
• Learning mode in Claude Code
• Bun Rust port + Claude Code
• Cursor 3.5 changelog