Hallucinating AI, Scalable Quantum, and Supply Chain Threats

Good morning. Three distinct shifts are crystallising across AI, quantum, and web development today-each one reshaping how builders think about their tools and infrastructure.

When AI Recommendations Become Supply Chain Attacks

Here's something that caught attention this morning: one in five code samples generated by AI recommends packages that don't actually exist. Attackers are now registering those phantom names on npm and PyPI with malware inside. The security community calls this slopsquatting-a genuine attack vector that's already pulling thousands of downloads.

The mechanism is elegant and troubling. When you ask an LLM for a Python package recommendation, it confidently suggests something like huggingface-cli. The model hallucinates consistently-43% of fabricated names appear every single time across repeated queries. An attacker asks a few questions, collects the phantom names the model invents, then registers them on public registries. A developer (or their AI tool) runs pip install based on the model's recommendation and unwittingly installs malware. One researcher tested this with an empty placeholder package-it hit 30,000 downloads in three months. All organic traffic from developers following AI suggestions.

The payload typically travels as a post-install script that exfiltrates API keys and credentials. Some variants fetch payloads at install time, bypassing static scanners entirely. The defence is layered: lock your dependencies with version pinning, verify packages before installation, use scanning wrappers like Aikido SafeChain, and run AI agents in sandboxed environments. For teams relying on autonomous coding agents, this becomes infrastructure-critical.

Quantum Computing's Photonic Path to Scale

On the quantum side, Xanadu Quantum is preparing for public listing after a business combination with Crane Harbor Acquisition Corp. The company's highlighting its photonic approach as the differentiator-demonstrating scalability where superconducting approaches have struggled. Alongside this, MicroCloud Hologram has advanced deployable quantum recurrent neural networks for sequential learning tasks, addressing a real gap in practical quantum applications. These aren't announcements of breakthroughs; they're signals that the quantum sector is moving from research to commercialisation milestones.

Context Engineering: Making AI Agents Reliable

Finally, a practical shift in how teams deploy AI coding tools. Seventy-five percent of engineers use AI daily, yet most organisations see no measurable productivity gains. The gap isn't the model-it's the context. Developers are discovering that engineered context beats clever prompts. CLAUDE.md files (for Claude Code) and .mdc rules (for Cursor) create permanent project-scoped instruction sets that load automatically. One section flagging off-limits directories or testing requirements prevents the most costly agent errors. The pattern's spreading because it works: first-attempt accuracy improves dramatically when the model knows your architecture conventions before it starts.

These three threads-attack surfaces expanding as AI tools proliferate, quantum systems finding viable scaling paths, and workflows adapting to treat AI context as infrastructure-sketch the shape of what's next. The common thread: tooling is only useful if you understand what can go wrong and how to shape its inputs.